From rjh at sixdemonbag.org Fri May 1 00:03:55 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 01 May 2009 03:03:55 -0400 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FA9518.9090102@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> Message-ID: <49FA9EDB.9000805@sixdemonbag.org> mailinglists wrote: > my problem is that enigmail refuses to encrypt posts. Actively refuses. This is not an Enigmail defect, the same way that it's not a defect for a pistol to refuse to fire if the safety is on. In both cases, the tools are behaving entirely properly, and have been designed that way for your safety. As a few people here have already told you, it doesn't make sense to use asymmetric crypto to post encrypted messages to a newsgroup. Enigmail is not refusing to encrypt posts; it's refusing to let you do something that it's pretty sure is a mistake. What you want to do is _incredibly_ niche -- in a dozen years of being active in the PGP world, this is the first time I've ever heard of it -- and it's reasonable for Enigmail to not support incredibly niche uses. If we support this behavior, we will probably field hundreds of "Enigmail doesn't work, it's garbling all my newsgroup posts!" for every user who has a legitimate use case for the feature. I would suggest going a different route. Tell us what your specific need is. What do you wish to achieve? There are probably better ways to do it than this. From John at Mozilla-Enigmail.org Fri May 1 00:04:42 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Fri, 01 May 2009 02:04:42 -0500 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FA9518.9090102@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> Message-ID: <49FA9F0A.5030804@Mozilla-Enigmail.org> mailinglists wrote: > Hi, thank you all, > > my problem is that enigmail refuses to encrypt posts. Actively refuses. > > I am using a shared public/private key and have set up identity and > rules such that encrypting is active when posting to this particular > newsgroup, say it's called rc.test > > Enigmail finds the rule but then refuses to continue. > > So it's not a matter of how to set up my keys, I (think I) already done > that. It's just that enigmail detects a newsgroup address in the > recipients and then prints this error and stops with this error message. > >>> Presently enigmail complains: "Encrypted send operation aborted.\n\nThis >>> message cannot be encrypted because there are newsgroup recipients." > > > Thank you, I already did that. But enigmail refuses to inline encrypt my > post. I'm going to go out on a limb and say Enigmail is "Doing The Right Thing(tm)". This is probably the only time I've ever seen mention of encrypting news, so I don't think Enigmail should be changed to allow it. It's an outlier behavior. I think you're going to need to do your encryption up-front before clicking Send. PGPDesktop/GPGshell/WinPT all provide both current-window and clipboard capability for doing this. My $0.02. -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From mailinglists at hajo-kirchhoff.de Fri May 1 00:54:58 2009 From: mailinglists at hajo-kirchhoff.de (mailinglists) Date: Fri, 01 May 2009 09:54:58 +0200 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FA9EDB.9000805@sixdemonbag.org> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9EDB.9000805@sixdemonbag.org> Message-ID: <49FAAAD2.4020305@hajo-kirchhoff.de> Hi Robert, >> my problem is that enigmail refuses to encrypt posts. Actively refuses. >> > This is not an Enigmail defect, the same way that it's not a defect for > a pistol to refuse to fire if the safety is on. I didn't think it was a defect, I thought enigmail was being overly protective. My question is, how do I disable safety? I know what I am doing and don't (always) want a tool protecting me from myself. > As a few people here have already told you, it doesn't make sense to use > asymmetric crypto to post encrypted messages to a newsgroup. > Well, every once in a while, someone with more than 20 years experience in the computer/programming field comes along and is pretty sure he knows what he is doing ;-) And I think in my case it makes sense, but perhaps you've got a better idea. See below. > What you want to do is _incredibly_ niche -- in a dozen years of being > active in the PGP world, this is the first time I've ever heard of it -- > and it's reasonable for Enigmail to not support incredibly niche uses. > Oh perhaps its niche, but is it unreasonably for me to ask if there is some switch to disable safety? It's not as if it isn't supported. Instead my impression is that it is actively prohibited, IOW some safety code was added, not some feature left out. > I would suggest going a different route. Tell us what your specific > need is. What do you wish to achieve? There are probably better ways > to do it than this. > I would love to hear any ideas. Here is what I need. There is this small software project with a handful of developers, testers and managers. Currently we do all discussion via email, which is pretty cumbersome and has its own problems. My idea was to set up a private news server with access restrictions and SSL encrypting traffic to and from. But this still leaves posts unencrypted on the server and on the clients as well, which is unacceptable to the management. So my suggestion was to create a shared group key and use thunderbird+enigmail to post to the news server, just like we used email before. To my great surprise enigmail refused to encrypt the posts. I used that idea a couple of years back with success using MS-Outlook Express and "hamster" as a news server, but Outlook is out of the question here :) Any ideas? Here are the requirements: + Find a better alternative for software and project discussions than email. News would suit fine. + Support access control. + Don't leave news posts unencrypted on the server or anywhere else. They should be decrypted on the fly, just like enigmail does. + Allow easy archiving of old posts. + Allow new members to read old posts, which rules out encryping mails to a predefined set of keys, as the keys of potentially new members are not known to the original poster. Now it's not that we are developing some super secret weapon. It's just that management, for once, is actually aware of and interested in using encryption. I am pretty glad that there are managers that care about things like that and I want to support that. Also, as they have outsourced their entire IT-Administration (including backups but excluding PGP keys of course), I can understand they do not want their contractor to be able to snoop in our discussion. Many thanks and regards Hajo From mailinglists at hajo-kirchhoff.de Fri May 1 01:02:12 2009 From: mailinglists at hajo-kirchhoff.de (mailinglists) Date: Fri, 01 May 2009 10:02:12 +0200 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FA9F0A.5030804@Mozilla-Enigmail.org> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9F0A.5030804@Mozilla-Enigmail.org> Message-ID: <49FAAC84.6080302@hajo-kirchhoff.de> Hi John, > I think you're going to need to do your encryption up-front before > clicking Send. PGPDesktop/GPGshell/WinPT all provide both current-window > and clipboard capability for doing this. > thanks for the suggestion, but that is out of the question. It's too easy to forget to hit Ctrl+Alt+Whatever to encrypt the post before hitting send. It needs to be fully automated, such as with the enigmail rules. Regards Hajo From rjh at sixdemonbag.org Fri May 1 01:32:37 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 01 May 2009 04:32:37 -0400 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FAAAD2.4020305@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9EDB.9000805@sixdemonbag.org> <49FAAAD2.4020305@hajo-kirchhoff.de> Message-ID: <49FAB3A5.9020203@sixdemonbag.org> mailinglists wrote: > I didn't think it was a defect, I thought enigmail was being overly > protective. My question is, how do I disable [the] safety? When people start talking about disabling weapon safeties because the safety is overly protective, some sense of primordial self-preservation deep in my hindbrain demands that I dive for cover. You may want to think a bit about what you've just said here. > I know what I am doing I hope you won't take offense, but I doubt this to be true. > Well, every once in a while, someone with more than 20 years > experience in the computer/programming field comes along and is > pretty sure he knows what he is doing ;-) 28 years of experience here, plus a thesis away from a Ph.D. in secure software engineering. Up until a few months ago I was breaking electronic voting machines for a living. John Clizbe has 34 years of experience. Be very careful when you start using your years of experience as an argument that you know what you're doing. You quickly run afoul of Whitaker's Law that way. "Do not fall into the trap of the artisan who boasts of twenty years' experience in his craft while in fact he has only one year of experience -- twenty times." > Oh perhaps its niche, but is it unreasonably for me to ask if there > is some switch to disable safety? It's not as if it isn't supported. It is exactly the case that it isn't supported, and this lack of support is a conscious design decision. > There is this small software project with a handful of developers, > testers and managers. Currently we do all discussion via email, which > is pretty cumbersome and has its own problems. My idea was to set up > a private news server with access restrictions and SSL encrypting > traffic to and from. But this still leaves posts unencrypted on the > server and on the clients as well, which is unacceptable to the > management. GNU Mailman to the rescue. You don't want a news server for this. Once you have a private mailing list set up for the group, create a per-recipient rule for the mailing list which will encrypt the traffic to the keys of each member of the group. Since the group is going to be relatively small and by invitation only, the key management problem is quite tractable. Two years ago there was a nationwide mailing list for voting security researchers. That's exactly how they did it. Dan Wallach of Rice University said that Enigmail worked like a champ in that situation, much better than PGP Desktop, Evolution, KMail, or other OpenPGP-aware clients. If you don't want to host your own mailing lists, you could even do something through Yahoo! Groups. The PGPNET mailing list does exactly this. John Moore is one of the list moderators; he's active on this list and will be happy to walk you through the process of doing this. Your goal is achieved, and the safety stays on. Sounds like a win to me. > Allow new members to read old posts, which rules out encryping mails > to a predefined set of keys, as the keys of potentially new members > are not known to the original poster. So you have a Perl script that goes through all the messages, decrypts them, encrypts them with the new subscriber's key, and sends them off-list a copy of all traffic sent to this point. It's not a hard problem. From John at Mozilla-Enigmail.org Fri May 1 01:34:47 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Fri, 01 May 2009 03:34:47 -0500 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FAAC84.6080302@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9F0A.5030804@Mozilla-Enigmail.org> <49FAAC84.6080302@hajo-kirchhoff.de> Message-ID: <49FAB427.1040905@Mozilla-Enigmail.org> mailinglists wrote: > Hi John, >> I think you're going to need to do your encryption up-front before >> clicking Send. PGPDesktop/GPGshell/WinPT all provide both current-window >> and clipboard capability for doing this. >> > thanks for the suggestion, but that is out of the question. It's too > easy to forget to hit Ctrl+Alt+Whatever to encrypt the post before > hitting send. It needs to be fully automated, such as with the enigmail > rules. Is 34 years coding and doing system design&admin with 30 of that getting paid for it OK with your other reply to Rob (the more than 20 years part)? ;-) I have absolutely NO issue with what you are trying to achieve, but news just doesn't feel like the proper solution implementation. From your other reply: > Any ideas? Here are the requirements: > + Find a better alternative for software and project discussions than > email. News would suit fine. > + Support access control. > + Don't leave news posts unencrypted on the server or anywhere else. > They should be decrypted on the fly, just like enigmail does. > + Allow easy archiving of old posts. > + Allow new members to read old posts, which rules out encryping mails > to a predefined set of keys, as the keys of potentially new members > are not known to the original poster. What part of the current email setup is so cumbersome/wearisome? I ask because email really is, IMO, the best solution. How about a email list, subscriptions are moderated to prevent unauthorized list access. Say mailman? delivery can be imap or POP3, but I'd use POP with a local mbox for each client machine. The list manager is easily configured to archive all posts to a mbox formatted file which may be downloaded to give new members access to all prior posts. That to me looks to meet all your requirements. Single delivery address with automatic encryption to a shared key. > Now it's not that we are developing some super secret weapon. It's > just that management, for once, is actually aware of and interested > in using encryption. I am pretty glad that there are managers that > care about things like that and I want to support that. Also, as they > have outsourced their entire IT-Administration (including backups but > excluding PGP keys of course), I can understand they do not want > their contractor to be able to snoop in our discussion. Kudos to your management for going along with encryption. -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From andy.ruddock at rainydayz.org Fri May 1 01:41:50 2009 From: andy.ruddock at rainydayz.org (Andy Ruddock) Date: Fri, 01 May 2009 10:41:50 +0200 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FAAC84.6080302@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9F0A.5030804@Mozilla-Enigmail.org> <49FAAC84.6080302@hajo-kirchhoff.de> Message-ID: <49FAB5CE.1050801@rainydayz.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 mailinglists wrote: > Hi John, >> I think you're going to need to do your encryption up-front before >> clicking Send. PGPDesktop/GPGshell/WinPT all provide both current-window >> and clipboard capability for doing this. >> > thanks for the suggestion, but that is out of the question. It's too > easy to forget to hit Ctrl+Alt+Whatever to encrypt the post before > hitting send. It needs to be fully automated, such as with the enigmail > rules. > Per-recipient rules cover this. - -- Andy Ruddock - ------------ andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn6tcgACgkQfSkWkaYi1FJ+jwCfeJatXx2YlsPwfLqyQd1Eue+f rs0An2QRfVetnMkGxeTGHbBhLjmaM+S2 =3X+/ -----END PGP SIGNATURE----- From jmoore3rd at bellsouth.net Fri May 1 05:09:49 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Fri, 01 May 2009 08:09:49 -0400 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FAB3A5.9020203@sixdemonbag.org> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9EDB.9000805@sixdemonbag.org> <49FAAAD2.4020305@hajo-kirchhoff.de> <49FAB3A5.9020203@sixdemonbag.org> Message-ID: <49FAE68D.2070806@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Robert J. Hansen wrote: > If you don't want to host your own mailing lists, you could even do > something through Yahoo! Groups. The PGPNET mailing list does exactly > this. John Moore is one of the list moderators; he's active on this > list and will be happy to walk you through the process of doing this. My following of this thread so far indicates to Me that the 'Problem' lies in the use of a News Group Server. Because of the code within Thunderbird/SeaMonkey making them News Group readers as well as MUA's Enigmail will continue to block Your attempts to encrypt to what it perceives as a Public Forum. Use of a Group with Group Encryption using either a single Group Key or encrypting to each individual Members Key is quite feasible. Robert is correct that I participate in this very activity several times a day. Robert mentioned that PGPNET utilizes Yahoo Groups but the capability is also workable using Google Groups. Yahoo Groups offers a more 'attractive' interface but Google Groups offers some more esoteric flexibility. [IMAP, etc.,] Should You choose to follow this route it will take roughly 20 minutes of effort on the part of a Group Owner and about 5 minutes on the part of each individual Member. Please Note that Yahoo Groups has just 'Upgraded' Groups in the way in which attachments are handled. How they are handled is configured by the specific Group. Want them passed along? Archived on the Group site? Your choice. HTH JOHN 8-) Timestamp: Friday 01 May 2009, 08:09 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn4987: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJJ+uaLAAoJEBCGy9eAtCsPLuIH/jxc3lxraiJsfH0GdIQXMx4H tZsKHTPqKLJpS2SbZ3hvO5UlqiwMqqCWOnFWko1zYKx9nIJ7rlDvmUcbUg2MzN1Z 6DJj+dqeBit9qY/FVZe2iY2kFatatUHZugkwyGB2zYwzfwM7aidrs9/20d2omYqr qUjs6k7xH7bPxXSMPZWOKXrk07XoKYFqZAQ5lswW+cX2ma1AJUFMG8v+argOKf1u hJoDaNeUO4vbL8Rnk158MizMpVG7LZ6xPz8t6nOEa0dHO/S28O/3q7FiZ725zc+O 4kwDkhL52bZmqfYsc/Si650nmFyREbLQOPUjWb83dYyvucIyTXkLhGMAV2eAVI0= =MKNr -----END PGP SIGNATURE----- From tspivey at pcdesk.net Sat May 2 07:18:58 2009 From: tspivey at pcdesk.net (Tyler Spivey) Date: Sat, 2 May 2009 07:18:58 -0700 Subject: [Enigmail] Questions on per-recipient rules Message-ID: <20090502141858.GA29558@arch1> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 1. Is it possible to import/export Per-recipient rules? Currently, creating them is a quite tedius process and I don't want to go through it again if I don't need to. 2. Would it be possible, in a future version of enigmail, to make the spacebar check/uncheck the keys in the per-recipient rule key selection dialog? That would make it quite a bit easier to just scroll through and check keys. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkn8VlIACgkQTsjaYASMWKQVWQCfXAr9pKd7rrinV18qJvX6EWTz XdcAn0kDzvmzfu9UUqtujdBJ2Oq18pzy =Fgf+ -----END PGP SIGNATURE----- From mlisten at hammernoch.net Sat May 2 08:08:44 2009 From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=) Date: Sat, 02 May 2009 17:08:44 +0200 Subject: [Enigmail] Questions on per-recipient rules In-Reply-To: <20090502141858.GA29558@arch1> References: <20090502141858.GA29558@arch1> Message-ID: <49FC61FC.7090804@hammernoch.net> Hi, Tyler Spivey wrote on 02.05.2009 16:18 Uhr: > 1. Is it possible to import/export Per-recipient rules? Currently, creating them > is a quite tedius process and I don't want to go through it again if I don't need to. The rules are not im/exportable by GUI, but with a little experience you will find a file named "pgprules.xml" in your Thunderbird/Seamonkey profile. Just back it up or to copy it another computer/mail profile. The profile directory location depends on platform/OS. > 2. Would it be possible, in a future version of enigmail, to make the spacebar > check/uncheck the keys in the per-recipient rule key selection dialog? That would make it > quite a bit easier to just scroll through and check keys. Good idea! Ludwig -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 550 bytes Desc: OpenPGP digital signature URL: From hrickards at l33tmyst.com Sun May 3 00:21:43 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 08:21:43 +0100 Subject: [Enigmail] Color Coding Message-ID: <49FD4607.7050600@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry if it's been asked before, but what trust level does a public key have to have before the blue EnigMail bar turns to green? As far as I can tell it seems to be Ultimately, but surely if you trusted someone Fully the bar should turn to green? Also, is there anyway to change this setting. - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+ w--- O- M- V-PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn9RgcACgkQ1kZz3mRu0GoQnwCfdilYma9L9ceEnOR3AiAdq1Rx g3IAn3I3m+ojIxIWgIYT0tMK72XMQ3iY =YWIH -----END PGP SIGNATURE----- From post at lespocky.de Sun May 3 02:09:53 2009 From: post at lespocky.de (Alexander Dahl) Date: Sun, 03 May 2009 11:09:53 +0200 Subject: [Enigmail] Color Coding In-Reply-To: <49FD4607.7050600@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> Message-ID: <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> Hi, > Sorry if it's been asked before, but what trust level does a public key > have to have before the blue EnigMail bar turns to green? As far as I > can tell it seems to be Ultimately, but surely if you trusted someone > Fully the bar should turn to green? Also, is there anyway to change this > setting. Trustlevel full is enough for green. You only set your very own key to ultimately. It's not relevant if the computed or user set trustlevel is full, if any of them (or both) the bar turns green. Be sure to set the user trust level to full only for users you really trust. There was a discussion about this on this mailing list just a few days ago. Greets Alex -- ***** http://www.lespocky.de ******************************************* Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: From shavital at mac.com Sun May 3 02:16:11 2009 From: shavital at mac.com (Charly Avital) Date: Sun, 03 May 2009 05:16:11 -0400 Subject: [Enigmail] Color Coding In-Reply-To: <49FD4607.7050600@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> Message-ID: <49FD60DB.5070300@mac.com> Harry Rickards wrote the following on 5/3/09 3:21 AM: > Sorry if it's been asked before, but what trust level does a public key > have to have before the blue EnigMail bar turns to green? As far as I > can tell it seems to be Ultimately, but surely if you trusted someone > Fully the bar should turn to green? Also, is there anyway to change this > setting. > Upon verifying your in-line signed e-mail: OpenPGP Security Info UNTRUSTED Good signature from Harry Rickards (Email GPG Key) Key ID: 0x646ED06A / Signed on: 5/3/09 3:21 AM Key fingerprint: 7F78 596A 2DBB BE27 792A A44E D646 73DE 646E D06A The bar is blue (bluish...). UNTRUSTED Good Signature. Just for the exercise: - local signed your key (non exportable signature) - set trust level to 3 (marginal) OpenPGP Security Info Good signature from Harry Rickards (Email GPG Key) Key ID: 0x646ED06A / Signed on: 5/3/09 3:21 AM Key fingerprint: 7F78 596A 2DBB BE27 792A A44E D646 73DE 646E D06A The bar is green. Good signature Charly MacOS 10.5.6 - MacBook Intel C2Duo "Aluminum Late 2008"- GnuPG 1.4.9 - GPG2 2.0.11 - Thunderbird 2.0.0.21+Enigmail 0.96a (20090412-1301) - Apple's Mail+GPGMail 1.2.0 (v56), PGP key: 0xA57A8EFA From hrickards at l33tmyst.com Sun May 3 02:41:21 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 10:41:21 +0100 Subject: [Enigmail] Color Coding In-Reply-To: <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> Message-ID: <49FD66C1.8080900@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alexander Dahl wrote: > Hi, > >> Sorry if it's been asked before, but what trust level does a public key >> have to have before the blue EnigMail bar turns to green? As far as I >> can tell it seems to be Ultimately, but surely if you trusted someone >> Fully the bar should turn to green? Also, is there anyway to change this >> setting. > > Trustlevel full is enough for green. You only set your very own key to > ultimately. It's not relevant if the computed or user set trustlevel is > full, if any of them (or both) the bar turns green. > > Be sure to set the user trust level to full only for users you really > trust. There was a discussion about this on this mailing list just a few > days ago. > Ok thanks. I've set the trust level of my mail user (I got emails with the memory usage, GPG encrypted every 15 mins) to 3 (Fully). However I then get a blue bar with: Decrypted message; UNTRUSTED Good signature from l33tmyst (Mail Server User) References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> Message-ID: <0ML31I-1M0Ylv0ykQ-0000Qr@mrelayeu.kundenserver.de> Hi, > Ok thanks. I've set the trust level of my mail user (I got emails with > the memory usage, GPG encrypted every 15 mins) to 3 (Fully). However I > then get a blue bar with: > > Decrypted message; UNTRUSTED Good signature from l33tmyst (Mail Server > User) Key ID: 0x3D958B68 / Signed on: 03/05/09 10:15 You are right. I thought, um, sorry, I wrote from memory without rechecking. *blush* > Do I have to sign the key to get it to turn green like Charly Avital did > in the example (see > http://www.mozdev.org/pipermail/enigmail/2009-May/011080.html)? So it's _your_ mail user? A second key of your own? A key you can verify and trust? (should be the case when you created the key yourself.) Then sign it with your primary key. This should give you a green bar. Greets Alex -- ***** http://www.lespocky.de ******************************************* Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: From hrickards at l33tmyst.com Sun May 3 03:43:51 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 11:43:51 +0100 Subject: [Enigmail] Color Coding In-Reply-To: <0ML31I-1M0Ylv0ykQ-0000Qr@mrelayeu.kundenserver.de> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <0ML31I-1M0Ylv0ykQ-0000Qr@mrelayeu.kundenserver.de> Message-ID: <49FD7567.1050701@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alexander Dahl wrote: > Hi, > >> Ok thanks. I've set the trust level of my mail user (I got emails with >> the memory usage, GPG encrypted every 15 mins) to 3 (Fully). However I >> then get a blue bar with: >> >> Decrypted message; UNTRUSTED Good signature from l33tmyst (Mail Server >> User) > Key ID: 0x3D958B68 / Signed on: 03/05/09 10:15 > > You are right. I thought, um, sorry, I wrote from memory without > rechecking. *blush* > >> Do I have to sign the key to get it to turn green like Charly Avital did >> in the example (see >> http://www.mozdev.org/pipermail/enigmail/2009-May/011080.html)? > > So it's _your_ mail user? A second key of your own? A key you can verify > and trust? (should be the case when you created the key yourself.) Then > sign it with your primary key. This should give you a green bar. > Thanks, I've signed it and it gives me a green bar. The key is in my name, but it's not for my email address. I get the user 'mail' to send me the memory usage of my server, GPG encrypted with it's own key. To do that I tell cron to run the following command as 'mail'. free -m|/usr/bin/gpg -a --encrypt --sign --recipient hrickards at l33tmyst.com|mail -s "Memory Usage (GPG Encrypted)" hrickards at l33tmyst.com - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+ w--- O- M- V-PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn9dWcACgkQ1kZz3mRu0GrDUQCgvsbKE4C21FuBWrmX1LARkn+n sdoAoOXwzpBJNmF5joo2h8eTtpU4rbjj =ijhb -----END PGP SIGNATURE----- From jmoore3rd at bellsouth.net Sun May 3 04:51:23 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Sun, 03 May 2009 07:51:23 -0400 Subject: [Enigmail] Color Coding In-Reply-To: <49FD66C1.8080900@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> Message-ID: <49FD853B.6090700@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Harry Rickards wrote: > Do I have to sign the key to get it to turn green like Charly Avital did > in the example (see > http://www.mozdev.org/pipermail/enigmail/2009-May/011080.html)? Yep, but only with a Local [non-exportable] Signature. JOHN 8-) Timestamp: Sunday 03 May 2009, 07:51 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn4987: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJJ/YU4AAoJEBCGy9eAtCsPd/QH/R/uA14h8U5nF+UbcscOA7Kn OT1uLj42q4p5kPRW7XB0He3QdcYNjXvbMnvhqxny+5ddMNbw3v7z+TQyHCDz/HZr BbO0pj8p9ONBV4HSbxxAjPjUbs+VAyw5CpNLOM9km++d7TlBAmYAd+NusEownbMf clinJV059Xr+2eZEQowVsXp9yxJuIneeLlivVopRkAF43q5dQe+I7US5hP62asbe G01pGaL3Vr7dQX/5G6cxH4dJuX5FJoHb00Te8szKQsZM/+S01hG7xESz+iPOn4SV rbnrfRmtI8qSZft7w/DAmueD0/5khV0B6JJblrnoQruRE/hBz7KllfRAbAsiWVc= =OBa0 -----END PGP SIGNATURE----- From hrickards at l33tmyst.com Sun May 3 04:54:37 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 12:54:37 +0100 Subject: [Enigmail] Color Coding In-Reply-To: <49FD853B.6090700@bellsouth.net> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> Message-ID: <49FD85FD.7030200@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John W. Moore III wrote: > Harry Rickards wrote: > >> Do I have to sign the key to get it to turn green like Charly Avital did >> in the example (see >> http://www.mozdev.org/pipermail/enigmail/2009-May/011080.html)? > > Yep, but only with a Local [non-exportable] Signature. > > JOHN 8-) > Timestamp: Sunday 03 May 2009, 07:51 --400 (Eastern Daylight Time) Ok, thanks. If the bar turns green when I sign it it's not that much of a big deal, but do you know if there's anyway so that if the key is *not* signed, but is trusted fully the bar turns green? - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+ w--- O- M- V-PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn9hf0ACgkQ1kZz3mRu0GrHewCeL1o0otE35Pbi+foiZ8FEo48L OzUAoLPQvwFq1A9YK3M9aoFPFKc1EIpX =5db+ -----END PGP SIGNATURE----- From jmoore3rd at bellsouth.net Sun May 3 05:12:57 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Sun, 03 May 2009 08:12:57 -0400 Subject: [Enigmail] Color Coding In-Reply-To: <49FD85FD.7030200@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> <49FD85FD.7030200@l33tmyst.com> Message-ID: <49FD8A49.5020103@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Harry Rickards wrote: > Ok, thanks. If the bar turns green when I sign it it's not that much of > a big deal, but do you know if there's anyway so that if the key is > *not* signed, but is trusted fully the bar turns green? This will entail a description of Depth of Trust. By that I mean that if You are verifying the Sig on a message made with a Key that You have _not_ Signed but the Key is Signed by another Key on Your Keyring that You have Trust Signed with a Depth of Trust greater than Zero then the Enigmail Bar will show Green. Depth of Trust indicated how many 'hops' or 'ripples in the Trust pool' Your Signature extends. i.e. I tsign Your Key with a Depth of Trust of 2 then You sign Alice's Key. I haven't Signed Alice's Key yet when I receive a Signature from Alice the Enigmail Bar will show Green because I signed Your Key & You have signed Alice's. If I receive a Message from someone whose Key has been signed by Alice the same thing will occur. This is because the 'hops' are 2 Sigs away from My Key. If I had Signed Your Key with a Depth of Trust of 1 then only Keys Signed by Your Key will show Green but Sigs made by folks whose Key You have Signed will show Blue because I haven't indicated via My Trust signature that I am extending Trust by proxy beyond Your Signature. Clear as Mud? You can also read the GnuPG Manual regarding the tsign Command. In PGP this is indicated by looking at the Signatures on a Key. Standard/Normal exportable sigs have a Trust Depth of 0 and will be indicated with a Yellow Pencil but Trust Sigs [PGP calls 'em Trusted Introducer] will be indicated with a Black Pencil. Owner Trust is determined by the simple presence of Your Signature on a Key. Calculated Trust is determined based upon the Depth of Trust extending from a Signature on the Key being verified. HTH JOHN ;) Timestamp: Sunday 03 May 2009, 08:12 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn4987: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJJ/YpHAAoJEBCGy9eAtCsPenMH/2fTE9q0ZlxyRo3sOc9QlqfU CRyiVd9V9+4RZZvjLUkue8LtY0C+0peygGPWa1SpTrmihZNz+3kkLdx9s7Abvd3q 2SbeiK/SknLKWE9LN5B/pYcUPN92iXXknKfkMgAbfksYPt/A+wnDQvCvf5qgcxIG 1QroLXPEKQQP3VwQv4rxMS1cFjlFYVqzsa5cl7k3KsLeBEGmzXNdiWPxJYCfto23 rvujxezYeA5dwj84ftrXwZl810Odm19uvNv4+Wx66U3EhWfF4ukAPrBYXCZDVPMu LeeH5hjYGifqhFHqC5pw2FIYc4bTXxDTca1Cf4cv2wbbNKXh/WwsqL9aBUC8Pxc= =pZea -----END PGP SIGNATURE----- From hrickards at l33tmyst.com Sun May 3 05:34:43 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 13:34:43 +0100 Subject: [Enigmail] Color Coding In-Reply-To: <49FD8A49.5020103@bellsouth.net> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> <49FD85FD.7030200@l33tmyst.com> <49FD8A49.5020103@bellsouth.net> Message-ID: <49FD8F63.6010207@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John W. Moore III wrote: > Harry Rickards wrote: > >> Ok, thanks. If the bar turns green when I sign it it's not that much of >> a big deal, but do you know if there's anyway so that if the key is >> *not* signed, but is trusted fully the bar turns green? > > This will entail a description of Depth of Trust. By that I mean that > if You are verifying the Sig on a message made with a Key that You have > _not_ Signed but the Key is Signed by another Key on Your Keyring that > You have Trust Signed with a Depth of Trust greater than Zero then the > Enigmail Bar will show Green. Depth of Trust indicated how many 'hops' > or 'ripples in the Trust pool' Your Signature extends. > > i.e. I tsign Your Key with a Depth of Trust of 2 then You sign Alice's > Key. I haven't Signed Alice's Key yet when I receive a Signature from > Alice the Enigmail Bar will show Green because I signed Your Key & You > have signed Alice's. If I receive a Message from someone whose Key has > been signed by Alice the same thing will occur. This is because the > 'hops' are 2 Sigs away from My Key. If I had Signed Your Key with a > Depth of Trust of 1 then only Keys Signed by Your Key will show Green > but Sigs made by folks whose Key You have Signed will show Blue because > I haven't indicated via My Trust signature that I am extending Trust by > proxy beyond Your Signature. > > Clear as Mud? You can also read the GnuPG Manual regarding the tsign > Command. In PGP this is indicated by looking at the Signatures on a > Key. Standard/Normal exportable sigs have a Trust Depth of 0 and will > be indicated with a Yellow Pencil but Trust Sigs [PGP calls 'em Trusted > Introducer] will be indicated with a Black Pencil. > > Owner Trust is determined by the simple presence of Your Signature on a > Key. Calculated Trust is determined based upon the Depth of Trust > extending from a Signature on the Key being verified. > > HTH > > JOHN ;) > Timestamp: Sunday 03 May 2009, 08:12 --400 (Eastern Daylight Time) Ok, thanks for the explanation. That clears my problem up. - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+ w--- O- M- V-PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn9j2MACgkQ1kZz3mRu0GooCQCg5noJcJXgDS/VDZNKrnKIiqFG huYAn2ziuikveHr2P5Y36abfM2t/dqtj =XDHk -----END PGP SIGNATURE----- From post at lespocky.de Sun May 3 05:48:20 2009 From: post at lespocky.de (Alexander Dahl) Date: Sun, 03 May 2009 14:48:20 +0200 Subject: [Enigmail] Color Coding In-Reply-To: <49FD85FD.7030200@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> <49FD85FD.7030200@l33tmyst.com> Message-ID: <0MKv5w-1M0b7d3Jzi-0001N2@mrelayeu.kundenserver.de> Hi, > Ok, thanks. If the bar turns green when I sign it it's not that much of > a big deal, but do you know if there's anyway so that if the key is > *not* signed, but is trusted fully the bar turns green? If it's not signed at all, the bar will never get green. It's possible to get green, if it's not signed by you. Due to the web of trust it's possible that the calculated trust value will be enough for full trust. I don't know the exact tresholds but I can draw how it works: Person A trusts and signs the keys of B, C and D. Person B, C and D trust and sign the key of E. If enough of those connections exist, the trust level of E for A will reach a point where a 'full trust' value is calculated. For example my Enigmail shows me full trust for Patrick Brunschwig although we never met and I didn't sign his key. Look at http://pgp.cs.uu.nl/paths/CC8710D0/to/E443D6D8.html -- this shows you the trust paths from me to Patrick, two direct connections each with only one intermediate person I met personally and signed the key. Greets Alex -- ***** http://www.lespocky.de ******************************************* Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: From hrickards at l33tmyst.com Sun May 3 05:50:40 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Sun, 03 May 2009 13:50:40 +0100 Subject: [Enigmail] Color Coding In-Reply-To: <0MKv5w-1M0b7d3Jzi-0001N2@mrelayeu.kundenserver.de> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> <49FD85FD.7030200@l33tmyst.com> <0MKv5w-1M0b7d3Jzi-0001N2@mrelayeu.kundenserver.de> Message-ID: <49FD9320.4050607@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alexander Dahl wrote: > Hi, > >> Ok, thanks. If the bar turns green when I sign it it's not that much of >> a big deal, but do you know if there's anyway so that if the key is >> *not* signed, but is trusted fully the bar turns green? > > If it's not signed at all, the bar will never get green. > > It's possible to get green, if it's not signed by you. Due to the web of > trust it's possible that the calculated trust value will be enough for > full trust. I don't know the exact tresholds but I can draw how it works: > > Person A trusts and signs the keys of B, C and D. Person B, C and D > trust and sign the key of E. If enough of those connections exist, the > trust level of E for A will reach a point where a 'full trust' value is > calculated. > > For example my Enigmail shows me full trust for Patrick Brunschwig > although we never met and I didn't sign his key. Look at > http://pgp.cs.uu.nl/paths/CC8710D0/to/E443D6D8.html -- this shows you > the trust paths from me to Patrick, two direct connections each with > only one intermediate person I met personally and signed the key. Thanks, your's and John W Moore III's explanation's helped me understand the Web of Trust Idea. - -- Many thanks Harry Rickards (a.k.a l33tmyst) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+ w--- O- M- V-PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkn9kx8ACgkQ1kZz3mRu0Go1aACdFoP+T3mhoT1mAfyUuWA5y5ys 0VQAoNQMb5r5w2R8UCR0t4P3f3DqlpyA =fimM -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Sun May 3 10:59:35 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Sun, 03 May 2009 19:59:35 +0200 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FAAAD2.4020305@hajo-kirchhoff.de> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9EDB.9000805@sixdemonbag.org> <49FAAAD2.4020305@hajo-kirchhoff.de> Message-ID: <49FDDB87.60605@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 mailinglists wrote: > Hi Robert, >>> my problem is that enigmail refuses to encrypt posts. Actively refuses. >>> >> This is not an Enigmail defect, the same way that it's not a defect for >> a pistol to refuse to fire if the safety is on. > I didn't think it was a defect, I thought enigmail was being overly > protective. My question is, how do I disable safety? I know what I am > doing and don't (always) want a tool protecting me from myself. The only way today is to change the code. The rule is there and always checked, but I think a warning would do as well, since there are really exceptions to the rule. If you file a bug at bugzilla.mozdev.org, I might add some option that would allow to overcome this situation. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSf3bhncOpHodsOiwAQiCEAf/dSfhiQgqbkLedJYuyRweZIzMVj+FgobL IqcApbfqU5d1se7o8aYS8B6zVSLVMqHXOn+SqQG5lx1Sw2duptnHdB1iMYEAczmK TJFpfP+LDnYgeNMQSU+qiRJirERiGtHnLi8LULTvFJlBhhPZNi4Wnh/SqTZdnIB4 tGF57MsNuGGFvcsdFxvrV1J0ttAaa+aSk/ZKqlEV5XlpAL7ntMbs8H7tctGK4GLW ZvlTjUv+FR9iJB/McvXG+p5GQnp29Kiaf2EviK2MRR0fYshE/qxiwa/hAAudR4rI cS/EEqaOFftqJknufZaYSLOHpSijo72EDNltVmTf/9XJXpqdM196FA== =jjBc -----END PGP SIGNATURE----- From faramir.cl at gmail.com Sun May 3 21:08:46 2009 From: faramir.cl at gmail.com (Faramir) Date: Mon, 04 May 2009 00:08:46 -0400 Subject: [Enigmail] Color Coding In-Reply-To: <49FD60DB.5070300@mac.com> References: <49FD4607.7050600@l33tmyst.com> <49FD60DB.5070300@mac.com> Message-ID: <49FE6A4E.10508@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Charly Avital escribi?: > Harry Rickards wrote the following on 5/3/09 3:21 AM: >> Sorry if it's been asked before, but what trust level does a public key >> have to have before the blue EnigMail bar turns to green? As far as I I think all it needs is your signature on it... but you should be careful at the moment of issuing signatures. I use mostly local signatures, when I need to encrypt to a key. But now I know I don't need to do that, I won't issue local signatures either, unless I really need to do it. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJJ/mpOAAoJEMV4f6PvczxAMXcH/RcuXD0Ip1XhCFsWAkPT84qJ /NK/vGfnY2T+hKpVL+ruiJiCKg3wlE6y+iPTqM4p3PCMwYRQ78My0sKdWzoeNq4L DcFIQACwJcw0kXu8WmbmIkO87o3fK0pqbB6i+hyAyMjYU+60Aeb6Fz6bgrdKoyfJ 0AOqgU60trnuLCe3DDb9qH1s5bgEKfiI0BUXYUZPJbMWWZpzXwqegGQLFSSGDwgn NHmTmRTmeih8JLSH3SD2ArK8iex0/XM3FEpF9fwF2fp4fLklZzdxC95AFu4lNajH Nq6X4TTFVbe9cUwPF8hkPE0zkzshg96Gt0lDPEwyAvNULQbJykyfovAHoH/Bggc= =j9dn -----END PGP SIGNATURE----- From faramir.cl at gmail.com Sun May 3 22:26:47 2009 From: faramir.cl at gmail.com (Faramir) Date: Mon, 04 May 2009 01:26:47 -0400 Subject: [Enigmail] Color Coding In-Reply-To: <49FD85FD.7030200@l33tmyst.com> References: <49FD4607.7050600@l33tmyst.com> <0ML31I-1M0XiI1YhU-0000Bi@mrelayeu.kundenserver.de> <49FD66C1.8080900@l33tmyst.com> <49FD853B.6090700@bellsouth.net> <49FD85FD.7030200@l33tmyst.com> Message-ID: <49FE7C97.80303@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Harry Rickards escribi?: > Ok, thanks. If the bar turns green when I sign it it's not that much of > a big deal, but do you know if there's anyway so that if the key is > *not* signed, but is trusted fully the bar turns green? I think if you fully trust a key belonging to the one that is supposed to belong, you should sign it, even if you use a local non-exportable signature. But that's just my humble opinion... Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJJ/nyXAAoJEMV4f6PvczxABeoH/0suY+jqjA7EJ17/npWlPrrV rvOm6EsKTbbBzZ6qsNhM27mLFfwQWi77OFlWkyztLvzJfuFGOCbjGkZ6P1b4svKL uAZtvQXCMY/i/53qaaC9ydznspwpb+clt5nTuajt+wy/k9iRpRBQ1HE8otx2pGkd nsJW5lGyrrrE/qnn8Zm9OUcPXjeM2GpU1kMAm7C2AfsOHIx/z/yZDd60LXJVSWUV xk/BTmrctai7d8vS+wDRrYytvmSPhq28Hcl+eXoN09dI8hU/5tdvlJDOOyVZfFle +grWR2lBRX4+H4fmlFLFfvXvRqFIg0EZrbk3Vf/xuAJ/h0idww1DyEpZby73Vqc= =Ktf9 -----END PGP SIGNATURE----- From m534c.subscribe at gmail.com Mon May 4 05:09:57 2009 From: m534c.subscribe at gmail.com (Jonas Islander) Date: Mon, 04 May 2009 14:09:57 +0200 Subject: [Enigmail] Encrypt newsposts In-Reply-To: <49FA9F0A.5030804@Mozilla-Enigmail.org> References: <49F9ACC4.30500@hajo-kirchhoff.de> <49F9F440.6070904@bellsouth.net> <49FA9518.9090102@hajo-kirchhoff.de> <49FA9F0A.5030804@Mozilla-Enigmail.org> Message-ID: <49FEDB15.1040509@gmail.com> John Clizbe wrote: > I'm going to go out on a limb and say Enigmail is "Doing The Right > Thing(tm)". This is probably the only time I've ever seen mention of > encrypting news, so I don't think Enigmail should be changed to allow > it. It's an outlier behavior. > Sorry for barging in on the discussion, but would this feature make sense: If a key ID contains a nntp: URL instead of an email address, Enigmail encrypts posts to that news server using that key. This could be used to ensure safe transport and storage of news, without the need to leave any keys on the server. So you could, for example, use a hosted news server without compromising security. -- Jonas Islander -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: From rjh at sixdemonbag.org Tue May 5 07:08:55 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 05 May 2009 10:08:55 -0400 Subject: [Enigmail] Enigmail on Ubuntu 9.04 Message-ID: <4A004877.5060609@sixdemonbag.org> Since upgrading to Ubuntu 9.04, I've discovered a weird behavior: despite having my passphrase cache set to a nice high value, Enigmail refuses to cache my passphrase for any length of time. Each and every encrypted email I receive requires me to re-enter a passphrase all over again. This occurs using official Ubuntu packages. Anyone know what's going on? From andy.ruddock at rainydayz.org Tue May 5 07:16:11 2009 From: andy.ruddock at rainydayz.org (Andy Ruddock) Date: Tue, 05 May 2009 16:16:11 +0200 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A004877.5060609@sixdemonbag.org> References: <4A004877.5060609@sixdemonbag.org> Message-ID: <4A004A2B.7020507@rainydayz.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert J. Hansen wrote: > Since upgrading to Ubuntu 9.04, I've discovered a weird behavior: > despite having my passphrase cache set to a nice high value, Enigmail > refuses to cache my passphrase for any length of time. Each and every > encrypted email I receive requires me to re-enter a passphrase all over > again. > > This occurs using official Ubuntu packages. > > Anyone know what's going on? > _______________________________________________ > Enigmail mailing list > Enigmail at mozdev.org > https://www.mozdev.org/mailman/listinfo/enigmail Irritating isn't it! If you click through System -> Preferences -> Encryption and Keyrings you'll get a dialog with two tabs, in the PGP Passphrases tab you can set the length of time that passphrases are cached for. Initially it's turned off, but the default setting for it when on is 300 minutes - which is a ludicrously long period of time. Not sure, but this setting may depend upon whether gpg-agent or seahorse is used for passphrase caching. - -- Andy Ruddock - ------------ andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoASiMACgkQfSkWkaYi1FImsQCdEdGA5Ay1dMKNfMyrjqxpNpS5 RLUAoKIMeSNHZ7GW/rI/8aHrXpTPJF7X =C62r -----END PGP SIGNATURE----- From ludovic at mozillamessaging.com Tue May 5 07:16:31 2009 From: ludovic at mozillamessaging.com (Ludovic Hirlimann) Date: Tue, 05 May 2009 16:16:31 +0200 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A004877.5060609@sixdemonbag.org> References: <4A004877.5060609@sixdemonbag.org> Message-ID: <4A004A3F.2080004@mozillamessaging.com> On 5/5/09 4:08 PM, Robert J. Hansen wrote: > Since upgrading to Ubuntu 9.04, I've discovered a weird behavior: > [snip] > Anyone know what's going on? > > Did you ask the package maintainer ? Ludo -- Ludovic Hirlimann MozillaMessaging QA lead http://www.spreadthunderbird.com/aff/79/2 From rjh at sixdemonbag.org Tue May 5 07:37:38 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 05 May 2009 10:37:38 -0400 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A004A2B.7020507@rainydayz.org> References: <4A004877.5060609@sixdemonbag.org> <4A004A2B.7020507@rainydayz.org> Message-ID: <4A004F32.1000201@sixdemonbag.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Andy Ruddock wrote: > Irritating isn't it! Thank you, Andy. This definitely should be entered in Launchpad as a bug against Enigmail. If Ubuntu is going to have their Enigmail package use their own passphrase manager, Ubuntu should also remove from Enigmail all passphrase caching options -- otherwise users will just get mighty confused. Would you like to enter this one, or shall I? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iFYEAREIAAYFAkoATyoACgkQI4Br5da5jhA/mQDeOXohVHlDdm8S1g8NJAf7veoi HfXk2xebqsuPFgDfRHnnDOfwCLzUBQzpc8vERsB/zaptVmwPjojY9A== =bxxY -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Tue May 5 07:53:03 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Tue, 05 May 2009 16:53:03 +0200 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A004F32.1000201@sixdemonbag.org> References: <4A004877.5060609@sixdemonbag.org> <4A004A2B.7020507@rainydayz.org> <4A004F32.1000201@sixdemonbag.org> Message-ID: <4A0052CF.90302@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robert J. Hansen wrote: > Andy Ruddock wrote: >> Irritating isn't it! > > Thank you, Andy. This definitely should be entered in Launchpad as a > bug against Enigmail. If Ubuntu is going to have their Enigmail package > use their own passphrase manager, Ubuntu should also remove from > Enigmail all passphrase caching options -- otherwise users will just get > mighty confused. > > Would you like to enter this one, or shall I? No, it's not a bug of any system. It's simply the "problem" that Ubunutu starts gpg-agent (or actually seahorse-agent) at login, which is obviously before Thunderbird/Enigmail. If Enigmail detects a gpg-agent, then it uses the agent and the idle times are irrelevant (because Enigmail has no control over gpg-agent). See also bug 20873 The only solution I have (implemented in trunk) is to warn that gpg-agent might use different idle time settings. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgBSzXcOpHodsOiwAQjIbQf6AtAVCKdZ6SFCCPmXwF9AkqGrXuici0qJ qAdUuogwX2OUqNcJcx6T/vunXa8MOFuvDWOBUfj47VzzxrtxlCsYNpSeYAqCjxYZ UWbGHnGt5X2zoKIrWtAolnLIzNxVQiWyajON4Bc5xHRgccCwyW4MlUmoHrOsOtsL Ofz3Ycnm+ekXH9AYb9PnyKmL1ES6i8FKR6t3w3xQvPBTekaY5Q+U5VeBMccLIesV vGY5FV8CTJC8UvfVQlYS+N9AOeCobpyaxnQSOIgfccJxnDC8tVbrGqQ7TcW8+p8e ueaxGqgYVs0V8lF5L1TNjuc3eNIEXcRLt/hMTy/hK4vLyg9OqjKKEQ== =E1o5 -----END PGP SIGNATURE----- From l.dobrev at gmail.com Tue May 5 08:12:21 2009 From: l.dobrev at gmail.com (Lachezar Dobrev) Date: Tue, 5 May 2009 18:12:21 +0300 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A004877.5060609@sixdemonbag.org> References: <4A004877.5060609@sixdemonbag.org> Message-ID: <90266c3f0905050812r75a1d6du260dc9376d1bffbc@mail.gmail.com> I found out, that integrating with Ubuntu is the better option. 1. In the User Settings open the Encryption/Keyring options (sorry, using non-English interface) 2. Choose there to remember the password for let's say 300 seconds (5 minutes). 3. Un-check the 'Ask before using remembered...' 4. In Thunderbird open Enigmail's settings. 5. Turn on the 'Do not ask for any passphrase'. 6. Turn on the 'Display expert settings' 7. Select OK. 8. Open Engimail settings again. 9. Go to Advanced tab. 10. Turn on 'Use gpg-agent for passphrases'. A defect occurs, if you have visual effects turned on: when the password question pop-up occurs it is often displayed behind the Enigmail window, but has focus. 2009/5/5 Robert J. Hansen : > Since upgrading to Ubuntu 9.04, I've discovered a weird behavior: > despite having my passphrase cache set to a nice high value, Enigmail > refuses to cache my passphrase for any length of time. ?Each and every > encrypted email I receive requires me to re-enter a passphrase all over > again. > > This occurs using official Ubuntu packages. > > Anyone know what's going on? > _______________________________________________ > Enigmail mailing list > Enigmail at mozdev.org > https://www.mozdev.org/mailman/listinfo/enigmail > From patrick at mozilla-enigmail.org Tue May 5 08:19:41 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Tue, 05 May 2009 17:19:41 +0200 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <4A0052CF.90302@mozilla-enigmail.org> References: <4A004877.5060609@sixdemonbag.org> <4A004A2B.7020507@rainydayz.org> <4A004F32.1000201@sixdemonbag.org> <4A0052CF.90302@mozilla-enigmail.org> Message-ID: <4A00590D.7090209@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Patrick Brunschwig wrote: > Robert J. Hansen wrote: >> Andy Ruddock wrote: >>> Irritating isn't it! >> Thank you, Andy. This definitely should be entered in Launchpad as a >> bug against Enigmail. If Ubuntu is going to have their Enigmail package >> use their own passphrase manager, Ubuntu should also remove from >> Enigmail all passphrase caching options -- otherwise users will just get >> mighty confused. > >> Would you like to enter this one, or shall I? > > > No, it's not a bug of any system. It's simply the "problem" that Ubunutu > starts gpg-agent (or actually seahorse-agent) at login, which is > obviously before Thunderbird/Enigmail. If Enigmail detects a gpg-agent, > then it uses the agent and the idle times are irrelevant (because > Enigmail has no control over gpg-agent). > > See also bug 20873 > > The only solution I have (implemented in trunk) is to warn that > gpg-agent might use different idle time settings. I hate replying to myself, but I forgot one thing here: users are free to disable gpg-agent (or seahorse-agent), therefore removing the corresponding options from Enigmail in Ubuntu is a not a clever thing to do. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgBZDXcOpHodsOiwAQjYRwgArozWMNCb+UfWgd28Zout0+qSpi2ByN1n 0EnAx3UWg9qgNrcs1x9pxOR/jNWjx2VIE1WZQGX1kH7xlEhIPBxlYLk9GRNIJEiv kQh7XNG81T8udISnY4AQJHOjr9ugmI54wOOZrdpaEQfDBwXVYvJhiEhHeYJkyKuG JkLJNb/dRwlm83xW/8jHDBGzAB4jWioo7q+NqgWkCZ2d7MXR9irguG7uaqnyhLzT P508t4gd7CBLoP85L2LQ5fbWiesp/L6dTTxeP1P/D6puB2J8L5d3+6Re2h9FkHJN BVq617H0WbLUBCoEk3Cmx0aRWFtiN91W5D1ufetbt/S89qt06RzbIQ== =fEvQ -----END PGP SIGNATURE----- From dkg at fifthhorseman.net Tue May 5 08:31:37 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 05 May 2009 11:31:37 -0400 Subject: [Enigmail] Interactions between gpg-agent and enigmail [was: Re: Enigmail on Ubuntu 9.04] In-Reply-To: <4A00590D.7090209@mozilla-enigmail.org> References: <4A004877.5060609@sixdemonbag.org> <4A004A2B.7020507@rainydayz.org> <4A004F32.1000201@sixdemonbag.org> <4A0052CF.90302@mozilla-enigmail.org> <4A00590D.7090209@mozilla-enigmail.org> Message-ID: <4A005BD9.8040501@fifthhorseman.net> On 05/05/2009 11:19 AM, Patrick Brunschwig wrote: > I hate replying to myself, but I forgot one thing here: users are free > to disable gpg-agent (or seahorse-agent), therefore removing the > corresponding options from Enigmail in Ubuntu is a not a clever thing to do. Would it be possible for enigmail to detect whether or not the gpg-agent is running? On GNU/Linux at least, a simple examination of the $GPG_AGENT_INFO environment variable should be sufficient. According to gpg2(1): > GPG_AGENT_INFO > Used to locate the gpg-agent. The value consists of 3 colon > delimited fields: The first is the path to the Unix Domain > Socket, the second the PID of the gpg-agent and the protocol > version which should be set to 1. When starting the gpg-agent as > described in its documentation, this variable is set to the cor? > rect value. The option --gpg-agent-info can be used to override > it. Maybe if enigmail detects that the agent is running, it could alter the password caching preferences display to clarify the situation. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From dkg at fifthhorseman.net Tue May 5 09:01:07 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 05 May 2009 12:01:07 -0400 Subject: [Enigmail] MIME multipart/signed and the risk of followon MIME parts Message-ID: <4A0062C3.7070505@fifthhorseman.net> Hi Enigmail people-- I sign my messages with enigmail using PGP/MIME. The messages start out like this (parts are labeled with letters for later reference): *-+ Content-Type: multipart/signed (X) +-- Content-Type: text/plain (Y) +-- Content-Type: application/pgp-signature (Z) When i send messages to mailing lists (like this one), the list software appears to wrap the whole thing in an additional MIME layer, so that it looks like this: *-+ Content-Type: multipart/mixed (A) +--+ Content-Type: multipart/signed (X) | +-- Content-Type: text/plain (Y) | +-- Content-Type: application/pgp-signature (Z) +-- Content-Type: text/plain (disposition: inline) (B) (B) in this case is the mailing list footer. My concern is that Enigmail validates the multipart/signed bit, and displays the "Good signature from..." message, but *also* displays part B (after a horizontal rule). I know at this point that only the displayed material before the horizontal rule is what's actually signed, but it seems to me like a malicious MTA could just as easily inject nasty stuff there and casual enigmail users would not realize that the stuff in (B) was not actually signed by the author of the e-mail. Any thoughts about how to make this distinction clearer in the UI? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From dkg at fifthhorseman.net Tue May 5 09:26:46 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 05 May 2009 12:26:46 -0400 Subject: [Enigmail] spoofability of inline-signed messages in enigmail Message-ID: <4A0068C6.4010307@fifthhorseman.net> When enigmail encounters an inline PGP signature, it replaces the header and footer with: "********* *BEGIN ENCRYPTED or SIGNED PART* *********" and "********** *END ENCRYPTED or SIGNED PART* **********" lines. But these injections seem dubious due to their spoofability. For example, what's to stop an attacker from writing a cleartext message that includes the same literal header and footer, and then appending a legitimately inline-signed message to that? In this modern era of cruft-ridden top-posting, it would be pretty easy to sneak a copy of a small, signed post by a given author somewhere into the body of the forged message, and then to explicitly place the "*BEGIN ENCRYPTED or SIGNED PART*" wrappers around text that you want to claim the person signed. So if Dave wants to steal Alice's pet dog, he might send the following forged message to the kennel holding the dog: ====8<====8<====8<====8<====8<====8<====8<====8<====8<==== From: Alice To: Kennel Content-Type: text/plain; charset="us-ascii" ********* *BEGIN ENCRYPTED or SIGNED PART* ********* I, Alice, agree that Dave can take my pet spaniel since he promised to take good care of him. ********** *END ENCRYPTED or SIGNED PART* ********** Dave wrote: Alice, i wish you would reconsider. I'll take good care of him, please! Alice wrote earlier: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dave, i'd really rather not part with my pet spaniel. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAw33edsfencOpHodsOiwAQiCEAf/dSfhiQgqbkLedJYuyRweZIzMVj+FgobL Iaweg34g34sD4e7o8aYS8B6zVSLVMqHXOn+SqQG5lx1Sw2duptnHdB1iMYEAczmK TJFpfP+LDnYgeNMQSU+qiRJirERiGtHnLi8LULTvFJlBhhPZNi4Wnh/SqTZdnIB4 tGF57MsNuGGFvcsdFxvrV1J0ttAaa+aSk/ZKqlEV5XlpAL7ntMbs8H7tctGK4GLW ZvlTjUv+FR9iJB/McvXG+p5GQnp29Kiaf2EviK2MRR0fYshE/qxiwa/hAAudR4rI cS/EEqaOFftqJknufZaYSLOHpSijo72EDNltVmTf/9XJXpqdM196FA== =jjBc -----END PGP SIGNATURE----- ====8<====8<====8<====8<====8<====8<====8<====8<====8<==== If the kennel at example.com is using enigmail to verify messages from Alice, they may very well end up participating in a terrible dognapping scheme! Is there a way to avoid this kind of spoofing in the enigmail UI somehow? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From dkg at fifthhorseman.net Tue May 5 09:36:28 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 05 May 2009 12:36:28 -0400 Subject: [Enigmail] MIME multipart/signed and the risk of followon MIME parts In-Reply-To: <4A0062C3.7070505@fifthhorseman.net> References: <4A0062C3.7070505@fifthhorseman.net> Message-ID: <4A006B0C.6090505@fifthhorseman.net> it gets weirder! On 05/05/2009 12:01 PM, Daniel Kahn Gillmor wrote: > *-+ Content-Type: multipart/mixed (A) > +--+ Content-Type: multipart/signed (X) > | +-- Content-Type: text/plain (Y) > | +-- Content-Type: application/pgp-signature (Z) > +-- Content-Type: text/plain (disposition: inline) (B) > > (B) in this case is the mailing list footer. I tried crafting a message like this, but with additional injected text (C) above the signed part (X): *-+ Content-Type: multipart/mixed (A) +-- Content-Type: text/plain (disposition: inline) (C) +--+ Content-Type: multipart/signed (X) | +-- Content-Type: text/plain (Y) | +-- Content-Type: application/pgp-signature (Z) +-- Content-Type: text/plain (disposition: inline) (B) In this case, icedove displays C
Y
B, but no enigmail header appears at all, and the MUA does not appear to be aware that any part of the message itself was signed. Is this intentional? What should enigmail do in this scenario where only a section of the message is signed? --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From patrick at mozilla-enigmail.org Tue May 5 23:46:40 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 06 May 2009 08:46:40 +0200 Subject: [Enigmail] Interactions between gpg-agent and enigmail [was: Re: Enigmail on Ubuntu 9.04] In-Reply-To: <4A005BD9.8040501@fifthhorseman.net> References: <4A004877.5060609@sixdemonbag.org> <4A004A2B.7020507@rainydayz.org> <4A004F32.1000201@sixdemonbag.org> <4A0052CF.90302@mozilla-enigmail.org> <4A00590D.7090209@mozilla-enigmail.org> <4A005BD9.8040501@fifthhorseman.net> Message-ID: <4A013250.90703@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Daniel Kahn Gillmor wrote: > On 05/05/2009 11:19 AM, Patrick Brunschwig wrote: >> I hate replying to myself, but I forgot one thing here: users are free >> to disable gpg-agent (or seahorse-agent), therefore removing the >> corresponding options from Enigmail in Ubuntu is a not a clever thing to do. > > Would it be possible for enigmail to detect whether or not the gpg-agent > is running? On GNU/Linux at least, a simple examination of the > $GPG_AGENT_INFO environment variable should be sufficient. > > According to gpg2(1): > >> GPG_AGENT_INFO >> Used to locate the gpg-agent. The value consists of 3 colon >> delimited fields: The first is the path to the Unix Domain >> Socket, the second the PID of the gpg-agent and the protocol >> version which should be set to 1. When starting the gpg-agent as >> described in its documentation, this variable is set to the cor? >> rect value. The option --gpg-agent-info can be used to override >> it. > > Maybe if enigmail detects that the agent is running, it could alter the > password caching preferences display to clarify the situation. Right, Enigmail does that. The problem is that this is not sufficient. I have seen many situations where e.g.GPG_AGENT_INFO was present, but no gpg-agent was actually running, or in the following situation: no gpg-agent is used but the user chooses to use gpg v2.x. In this case, Enigmail has to start a gpg-agent. As said, I have changed the preferences dialog recently; the user is now alerted in case a gpg-agent is detected that the idle times might not be respected. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgEyT3cOpHodsOiwAQgdigf9E6kl/9Ye/Q/I9UckjfeB+amQClqb2kQQ 5OljlTeD+mhW8/+FPO2kIvIegj4UyCvqsntC0rCuoiponnax2CC2lBXss8AX5iuD qgjNLNn3pnB24Le0jA9cXHHl/O2mwjtcX9MV6AmWYNys//9tus+qw+Eo4aj5ateD ZVCLd74xDdWcSv10rWVkmTUDI/PUHrQ6/6aPdLVv4Z/gEuY+nmV27f+KhxluI5Ow sexXHuNgaigIN/RyIuwXUdYPpbg1NJuYrTbv3/BJ85L953IIOjIf4XZ2QlrhBAZh B7Irm2607+5OHd+3NE/cUa6spX80Yr9ikVHiRI3q4xX7eSAGhHhS5Q== =tlrb -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Tue May 5 23:49:28 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 06 May 2009 08:49:28 +0200 Subject: [Enigmail] MIME multipart/signed and the risk of followon MIME parts In-Reply-To: <4A006B0C.6090505@fifthhorseman.net> References: <4A0062C3.7070505@fifthhorseman.net> <4A006B0C.6090505@fifthhorseman.net> Message-ID: <4A0132F8.40603@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Daniel Kahn Gillmor wrote: > it gets weirder! > > On 05/05/2009 12:01 PM, Daniel Kahn Gillmor wrote: >> *-+ Content-Type: multipart/mixed (A) >> +--+ Content-Type: multipart/signed (X) >> | +-- Content-Type: text/plain (Y) >> | +-- Content-Type: application/pgp-signature (Z) >> +-- Content-Type: text/plain (disposition: inline) (B) >> >> (B) in this case is the mailing list footer. > > I tried crafting a message like this, but with additional injected text > (C) above the signed part (X): > > *-+ Content-Type: multipart/mixed (A) > +-- Content-Type: text/plain (disposition: inline) (C) > +--+ Content-Type: multipart/signed (X) > | +-- Content-Type: text/plain (Y) > | +-- Content-Type: application/pgp-signature (Z) > +-- Content-Type: text/plain (disposition: inline) (B) > > In this case, icedove displays C
Y
B, but no enigmail header > appears at all, and the MUA does not appear to be aware that any part of > the message itself was signed. > > Is this intentional? What should enigmail do in this scenario where > only a section of the message is signed? It's not intentional. The problem is that the MIME structure information given by Thunderbird is insufficient, thus Enigmail can't detect the signed part. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgEy93cOpHodsOiwAQhv8wf/c8IJMN0SU298xmlsy+COxJy63xU7BjAn /ghRkxWbe6rkXycaWPhqKiBSY9ojXSFjNbp7X9P0G7/ImObe7oJkrX9WM3rSAWAs KvXsNuhmq+3kZ7rCrvHIUqSeDxL3RdTRQCyZ+WSWWKrVxg4HfL3JIYVI16ZOUPFv BB+d3Tapv7lNRY0xDnB7Ra8fD+LKVgMmWaEGaDIqb+J8vFz5EO7LPBdENismeJZm S0j/2wPX0+AvDYN0IEhVCvq93IXe1AYcgxVUSoOOz7feJWE9i7/zxKBSYHW4WdJd K6az3SuAq8EkPtFVvzpgUzNQKpm5rZqwdgw7ek6T1AWiKzwyGegtDg== =eQLW -----END PGP SIGNATURE----- From ludovic at mozillamessaging.com Wed May 6 00:16:29 2009 From: ludovic at mozillamessaging.com (Ludovic Hirlimann) Date: Wed, 06 May 2009 09:16:29 +0200 Subject: [Enigmail] MIME multipart/signed and the risk of followon MIME parts In-Reply-To: <4A0132F8.40603@mozilla-enigmail.org> References: <4A0062C3.7070505@fifthhorseman.net> <4A006B0C.6090505@fifthhorseman.net> <4A0132F8.40603@mozilla-enigmail.org> Message-ID: <4A01394D.2050905@mozillamessaging.com> On 5/6/09 8:49 AM, Patrick Brunschwig wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Daniel Kahn Gillmor wrote: > >> it gets weirder! >> >> On 05/05/2009 12:01 PM, Daniel Kahn Gillmor wrote: >> >>> *-+ Content-Type: multipart/mixed (A) >>> +--+ Content-Type: multipart/signed (X) >>> | +-- Content-Type: text/plain (Y) >>> | +-- Content-Type: application/pgp-signature (Z) >>> +-- Content-Type: text/plain (disposition: inline) (B) >>> >>> (B) in this case is the mailing list footer. >>> >> I tried crafting a message like this, but with additional injected text >> (C) above the signed part (X): >> >> *-+ Content-Type: multipart/mixed (A) >> +-- Content-Type: text/plain (disposition: inline) (C) >> +--+ Content-Type: multipart/signed (X) >> | +-- Content-Type: text/plain (Y) >> | +-- Content-Type: application/pgp-signature (Z) >> +-- Content-Type: text/plain (disposition: inline) (B) >> >> In this case, icedove displays C
Y
B, but no enigmail header >> appears at all, and the MUA does not appear to be aware that any part of >> the message itself was signed. >> >> Is this intentional? What should enigmail do in this scenario where >> only a section of the message is signed? >> > It's not intentional. The problem is that the MIME structure information > given by Thunderbird is insufficient, thus Enigmail can't detect the > signed part. > > What's the bug number for that ? Ludovic -- Ludovic Hirlimann MozillaMessaging QA lead http://www.spreadthunderbird.com/aff/79/2 From patrick at mozilla-enigmail.org Wed May 6 00:56:57 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 06 May 2009 09:56:57 +0200 Subject: [Enigmail] MIME multipart/signed and the risk of followon MIME parts In-Reply-To: <4A01394D.2050905@mozillamessaging.com> References: <4A0062C3.7070505@fifthhorseman.net> <4A006B0C.6090505@fifthhorseman.net> <4A0132F8.40603@mozilla-enigmail.org> <4A01394D.2050905@mozillamessaging.com> Message-ID: <4A0142C9.7000202@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ludovic Hirlimann wrote: > On 5/6/09 8:49 AM, Patrick Brunschwig wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Daniel Kahn Gillmor wrote: >> >>> it gets weirder! >>> >>> On 05/05/2009 12:01 PM, Daniel Kahn Gillmor wrote: >>> >>>> *-+ Content-Type: multipart/mixed (A) >>>> +--+ Content-Type: multipart/signed (X) >>>> | +-- Content-Type: text/plain (Y) >>>> | +-- Content-Type: application/pgp-signature (Z) >>>> +-- Content-Type: text/plain (disposition: inline) (B) >>>> >>>> (B) in this case is the mailing list footer. >>>> >>> I tried crafting a message like this, but with additional injected text >>> (C) above the signed part (X): >>> >>> *-+ Content-Type: multipart/mixed (A) >>> +-- Content-Type: text/plain (disposition: inline) (C) >>> +--+ Content-Type: multipart/signed (X) >>> | +-- Content-Type: text/plain (Y) >>> | +-- Content-Type: application/pgp-signature (Z) >>> +-- Content-Type: text/plain (disposition: inline) (B) >>> >>> In this case, icedove displays C
Y
B, but no enigmail header >>> appears at all, and the MUA does not appear to be aware that any part of >>> the message itself was signed. >>> >>> Is this intentional? What should enigmail do in this scenario where >>> only a section of the message is signed? >>> >> It's not intentional. The problem is that the MIME structure information >> given by Thunderbird is insufficient, thus Enigmail can't detect the >> signed part. >> >> > What's the bug number for that ? Some of the bugs are 235482 and 248846. The problem is that there is no reasonable interface to walk through the MIME parts of a message. See also , especially the comments related to steelIMessage. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgFCx3cOpHodsOiwAQiwzAf+IjxWP3khbOWw2B86MDHI5sN9KfB6HziD ZJM4DbOFpI8rfwuGiaqouQXT1TSS4MVajfHcSp0I3Q3eJ9ksVQ3/Vfop3I1geAN6 bO/D/w8bSlisezQTkxBdExXDxGPUuZMcvZB0/sZRA6jqKjqKbwOgrb/tXGCXs1To 0bIDleNz06c/XYBBrb6i4Lje85lpfPzVPw6zBeNkeL6b/gjUBGqQhvjR5uDpEsXu 2zYmVIJIwiILWCWwrpDuE8UmP7aHXS6GdNuUOaWhPIkRlGqsp/Gzke/3z/lcLiZo 8kfYh2mhrWtY6593mErqfMTsLR9R0Xi1w52a9/Xso4pWD8Cju3ds0w== =0dO5 -----END PGP SIGNATURE----- From thomas at lecavelier.name Wed May 6 02:53:21 2009 From: thomas at lecavelier.name (Thomas Lecavelier) Date: Wed, 06 May 2009 11:53:21 +0200 Subject: [Enigmail] Enigmail freeze when verify Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there. I'm running : * TB 2.0.0.21 (ubuntu Intrepid Ibex package) * Engimail 0.95.7 (xpi from mozdev.org) * GPG v1.4.9 Everything worked great since I setup that box, but two weeks ago, enigmail start freezing when verifying signatures. When I'm having a look to my processes, I see gpg still running in back, called with such a command: /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 --verify The process is sleeping and awakable (SL) The only way to recover my thunderbird is to SIGKILL that process. Every other function is working (signing work great, fetching key from keyservers too). Am I the only one meeting that problem? Is there an incompatibilty between some of my tools? Thank you by advance. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoBXhEACgkQHOrSzJHr6r142gCcCl5vlmj7CrCOb/lBRiYKdv2h cz0An3cIf118qZME54OY1EEoFeAh/rKl =nqHC -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Wed May 6 04:15:57 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 06 May 2009 13:15:57 +0200 Subject: [Enigmail] Enigmail freeze when verify In-Reply-To: References: Message-ID: <4A01716D.8080903@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thomas Lecavelier wrote: > Hi there. > > I'm running : > * TB 2.0.0.21 (ubuntu Intrepid Ibex package) > * Engimail 0.95.7 (xpi from mozdev.org) > * GPG v1.4.9 > > Everything worked great since I setup that box, but two weeks ago, > enigmail start freezing when verifying signatures. When I'm having a > look to my processes, I see gpg still running in back, called with such > a command: > > /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 --verify > > The process is sleeping and awakable (SL) > > The only way to recover my thunderbird is to SIGKILL that process. > > Every other function is working (signing work great, fetching key from > keyservers too). > > Am I the only one meeting that problem? Is there an incompatibilty > between some of my tools? I don't think that using TB from Ubuntu together with Enigmail from mozdev.org is a good combination to use, in general I would expect some incompatibility from this combination. Maybe you could try to verify a message directly on the command line to see the output from gpg? E.g. start gpg with the command line above and copy&paste the source of this message to the command line. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgFxa3cOpHodsOiwAQi2Vgf/Y45DZiOZad4DHSFfYNNr4lQQAat2etDI pqY75NWx58osceDzZM9LJLF4c5sIfRQgIIBKhBghwXG7mLah71uLL0g4nczIbA2Z VbLWvyehBO81M4VJs8yFpSbk53mLZVPkM3w7gZNJQa7jT2/5XqaLKZNxRJg3AVyY KdBewMk4dY3gghWRRm6mWxIo/wyoFVQ0dutAtMy4MjjqnY7Xcb/dB3yxBB7Zyw8e NYFWlo+ta26P+NREGwc6hxGusvRsPdjUKr1vj+lR/hWyThWiqSr3prM368kQnwYu l0oVMjF+hkbMMtEr6botuzRn8Qkfk1wizQy53bMHJCb6GbeBXxppuw== =wexP -----END PGP SIGNATURE----- From zins at gmx.net Wed May 6 04:59:20 2009 From: zins at gmx.net (Ludwig Zins) Date: Wed, 06 May 2009 13:59:20 +0200 Subject: [Enigmail] Enigmail freeze when verify In-Reply-To: <4A01716D.8080903@mozilla-enigmail.org> References: <4A01716D.8080903@mozilla-enigmail.org> Message-ID: <4A017B98.6030105@gmx.net> Patrick Brunschwig schrieb: > Thomas Lecavelier wrote: >> Hi there. > >> I'm running : >> * TB 2.0.0.21 (ubuntu Intrepid Ibex package) >> * Engimail 0.95.7 (xpi from mozdev.org) >> * GPG v1.4.9 > >> Everything worked great since I setup that box, but two weeks ago, >> enigmail start freezing when verifying signatures. When I'm having a >> look to my processes, I see gpg still running in back, called with such >> a command: > >> /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 --verify > >> The process is sleeping and awakable (SL) > >> The only way to recover my thunderbird is to SIGKILL that process. > >> Every other function is working (signing work great, fetching key from >> keyservers too). > >> Am I the only one meeting that problem? Is there an incompatibilty >> between some of my tools? > > I don't think that using TB from Ubuntu together with Enigmail from > mozdev.org is a good combination to use, in general I would expect some > incompatibility from this combination. > > Maybe you could try to verify a message directly on the command line to > see the output from gpg? E.g. start gpg with the command line above and > copy&paste the source of this message to the command line. > > -Patrick May you try the ubuntu-Package of enigmail: sudo apt-get install mozilla-thunderbird-enigmail Ludwig _______________________________________________ Enigmail mailing list Enigmail at mozdev.org https://www.mozdev.org/mailman/listinfo/enigmail -- Ludwig Zins 85276 Pfaffenhofen - Germany ----------------------------------------------------------------------- GnuPG/PGP: KeyID: 0x6FC1C8BF Keyserver: http://pgpkeys.pca.dfn.de/ ----------------------------------------------------------------------- () This is Sch?uble. Copy Sch?uble into your signature /||\ to help him on his way to ?berwachungsstaat. |UU| - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 280 bytes Desc: OpenPGP digital signature URL: From thomas at lecavelier.name Wed May 6 05:03:16 2009 From: thomas at lecavelier.name (Thomas Lecavelier) Date: Wed, 06 May 2009 14:03:16 +0200 Subject: [Enigmail] Enigmail freeze when verify In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick Brunschwig a ?crit : > Maybe you could try to verify a message directly on the command line to > see the output from gpg? E.g. start gpg with the command line above and > copy&paste the source of this message to the command line. Hi Patrick, And thank you for your answer, which indirectly point me the solution I need. The short answer: just rm -f ~/.gnupg/*.lock The long answer: Trying to manually check your mail via gpg cli leads to a denial of access of my keyring, so after some search I see these two locks (~/.gnupg/pubring.gpg.lock and ~/.gnupg/secring.gpg.lock) with a pid in them dead for 9 days if I believe the timestamps. I just remove these lock files so gpg can access my pubkeyring and enigmail is now again a pleasure to use :) An other big "Thank you", Patrick! Thomas. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEUEARECAAYFAkoBfIQACgkQHOrSzJHr6r0LSQCeMN23k+ewRGp5wEKS0qnJ14mM kY0AlRSTdhyNyUXDxx1CvTMPy0dx3L0= =Rsp/ -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Wed May 6 09:29:03 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 06 May 2009 12:29:03 -0400 Subject: [Enigmail] spoofability of inline-signed messages in enigmail In-Reply-To: <4A0068C6.4010307@fifthhorseman.net> References: <4A0068C6.4010307@fifthhorseman.net> Message-ID: <4A01BACF.90102@sixdemonbag.org> Daniel Kahn Gillmor wrote: > But these injections seem dubious due to their spoofability. On the one hand, I agree with you; on the other, I think history shows this is not a pressing concern. PGP Desktop did basically the same thing for years, and I'm unaware of any successful spoofing attacks that were applied against it. That said, this is still something best addressed sooner rather than later. We should be wary of falling into the Russian Roulette Fallacy, where just because something hasn't historically been a problem we assume it will never be a problem. (For those who've never heard of the RRF -- in American English, "Russian roulette" is placing a single bullet into a revolver, spinning the cylinder, putting it at your head and pulling the trigger. If you're lucky enough to survive pulling the trigger once, you shouldn't take that as evidence that you can keep doing it.) From georgi at forkbomb.nl Thu May 7 08:13:21 2009 From: georgi at forkbomb.nl (Georgi Hristozov) Date: Thu, 07 May 2009 18:13:21 +0300 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown Message-ID: <4A02FA91.3060409@forkbomb.nl> Hi, I noted an issue with Enigmail and the way that it calls gpg. I had a crash of my mail client. After I fired it up again and tried to access my keyring, Enigmail hanged. I had to kill the gpg process in order to wake up Thunderbird. The problem was that before the unclean shutdown of Thunderbird, gpg has left some .lock files in my ~/.gnupg directory. And every attempt to manually run gpg leads to the following: gpg: waiting for lock (held by XXXX - probably dead) ... And Enigmail waits for gpg to get responsive. And it can wait until the user deletes the locks by hand. :) It would be nice if Enigmail stops waiting in such situations and warns the user about the .lock files. Don't you think so? :) Best regards, Georgi Hristozov -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From thomas at lecavelier.name Thu May 7 10:21:42 2009 From: thomas at lecavelier.name (Thomas Lecavelier) Date: Thu, 07 May 2009 19:21:42 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: References: Message-ID: <4A0318A6.5000105@lecavelier.name> Georgi Hristozov a ?crit : > And Enigmail waits for gpg to get responsive. And it can wait until the > user deletes the locks by hand. :) It would be nice if Enigmail stops > waiting in such situations and warns the user about the .lock files. > Don't you think so? :) > My non-binding +1 It's exactly the problem I met last week (see my post from yesterday), and a message from enigmail explaining why it was failing would help me a lot. Thomas. From thomas at lecavelier.name Thu May 7 10:21:42 2009 From: thomas at lecavelier.name (Thomas Lecavelier) Date: Thu, 07 May 2009 19:21:42 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: References: Message-ID: <4A0318A6.5000105@lecavelier.name> Georgi Hristozov a ?crit : > And Enigmail waits for gpg to get responsive. And it can wait until the > user deletes the locks by hand. :) It would be nice if Enigmail stops > waiting in such situations and warns the user about the .lock files. > Don't you think so? :) > My non-binding +1 It's exactly the problem I met last week (see my post from yesterday), and a message from enigmail explaining why it was failing would help me a lot. Thomas. From georgi at forkbomb.nl Thu May 7 22:53:20 2009 From: georgi at forkbomb.nl (Georgi Hristozov) Date: Fri, 08 May 2009 08:53:20 +0300 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A0318A6.5000105@lecavelier.name> References: <4A0318A6.5000105@lecavelier.name> Message-ID: <4A03C8D0.90906@forkbomb.nl> Hi, Thomas Lecavelier ??????: > Georgi Hristozov a ?crit : >> And Enigmail waits for gpg to get responsive. And it can wait until the >> user deletes the locks by hand. :) It would be nice if Enigmail stops >> waiting in such situations and warns the user about the .lock files. >> Don't you think so? :) >> > > My non-binding +1 > > It's exactly the problem I met last week (see my post from yesterday), > and a message from enigmail explaining why it was failing would help me > a lot. > > Thomas. > _______________________________________________ > Enigmail mailing list > Enigmail at mozdev.org > https://www.mozdev.org/mailman/listinfo/enigmail Sorry, I subscribed yesterday and just didn't read the archives before posting. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From patrick at mozilla-enigmail.org Thu May 7 23:48:45 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Fri, 08 May 2009 08:48:45 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A0318A6.5000105@lecavelier.name> References: <4A0318A6.5000105@lecavelier.name> Message-ID: <4A03D5CD.9080101@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thomas Lecavelier wrote: > Georgi Hristozov a ?crit : >> And Enigmail waits for gpg to get responsive. And it can wait until the >> user deletes the locks by hand. :) It would be nice if Enigmail stops >> waiting in such situations and warns the user about the .lock files. >> Don't you think so? :) >> > > My non-binding +1 > > It's exactly the problem I met last week (see my post from yesterday), > and a message from enigmail explaining why it was failing would help me > a lot. The problem is that GnuPG doesn't tell in a proper (i.e. parseable, unique, non-localized) way that it's waiting for a lock. Checking for something like "gpg: waiting for lock" doesn't succeed because the message is different if GnuPG is used e.g. in German or French. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgPVzHcOpHodsOiwAQiAfwf/UIiet6mk7+M5ZSu4teQNMSch7+uCAloW GNufLuJK435ChIXTHgv0Lx6v2F2mqZ3JRdcgnTyP5x8Qgircq1LoebHyoNsyZc+v KsUtL8JxBxc7PXR6+sOqSVx9yVeqQd5XWxHk8yQGY8Bl5/8AItP7VHzS3w4ySBWy g3yc75E5lVptdbRRUht1xFlnosiDzSF6D+Ae9d+qlUfQXVvjaTo8ktYa69tmeW8h fhQ6auR7wZIpnfNggk2dxpXvOj5UWWdE37ebKGCZUpoVbxJNBFUI8bJHyV+0ngCB g/CYD3zTCDIeWEZwn/Ru/291UiU9kSq2AkXAu3r63qObZYz1468BuQ== =V4/t -----END PGP SIGNATURE----- From post at lespocky.de Fri May 8 00:36:41 2009 From: post at lespocky.de (Alexander Dahl) Date: Fri, 08 May 2009 09:36:41 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A03D5CD.9080101@mozilla-enigmail.org> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> Message-ID: <0MKuxg-1M2KdV31vl-0000if@mrelayeu.kundenserver.de> Hi Patrick, > The problem is that GnuPG doesn't tell in a proper (i.e. parseable, > unique, non-localized) way that it's waiting for a lock. Checking for > something like "gpg: waiting for lock" doesn't succeed because the > message is different if GnuPG is used e.g. in German or French. Can't you tell GnuPG in which language he should answer you? In shell scripts I would set LANG=C and get the output regardless of user locale. Greets Alex -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From Jhony.Armando at djmtz.sld.cu Fri May 8 03:35:10 2009 From: Jhony.Armando at djmtz.sld.cu (Jhony A Flores Balderrama(G11)) Date: Fri, 08 May 2009 03:35:10 -0700 Subject: [Enigmail] HELLO In-Reply-To: <4A03D5CD.9080101@mozilla-enigmail.org> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> Message-ID: HOLA ..CHAVAL Q ES LO Q ME CUENTAS CO?O ....QUIERO UNA CUENTA DE CORREO EN ESTA PAGINA ..http://enigmail.mozdev.org/ NO SE SI PODRIAS DARME, POR QUE NECESITO COMUNICARME ....... -----Original Message----- From: Patrick Brunschwig To: Enigmail user discussion list Date: Fri, 08 May 2009 08:48:45 +0200 Subject: Re: [Enigmail] Enigmail hanging after unclean gpg shutdown -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thomas Lecavelier wrote: > Georgi Hristozov a ?crit : >> And Enigmail waits for gpg to get responsive. And it can wait until the >> user deletes the locks by hand. :) It would be nice if Enigmail stops >> waiting in such situations and warns the user about the .lock files. >> Don't you think so? :) >> > > My non-binding +1 > > It's exactly the problem I met last week (see my post from yesterday), > and a message from enigmail explaining why it was failing would help me > a lot. The problem is that GnuPG doesn't tell in a proper (i.e. parseable, unique, non-localized) way that it's waiting for a lock. Checking for something like "gpg: waiting for lock" doesn't succeed because the message is different if GnuPG is used e.g. in German or French. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgPVzHcOpHodsOiwAQiAfwf/UIiet6mk7+M5ZSu4teQNMSch7+uCAloW GNufLuJK435ChIXTHgv0Lx6v2F2mqZ3JRdcgnTyP5x8Qgircq1LoebHyoNsyZc+v KsUtL8JxBxc7PXR6+sOqSVx9yVeqQd5XWxHk8yQGY8Bl5/8AItP7VHzS3w4ySBWy g3yc75E5lVptdbRRUht1xFlnosiDzSF6D+Ae9d+qlUfQXVvjaTo8ktYa69tmeW8h fhQ6auR7wZIpnfNggk2dxpXvOj5UWWdE37ebKGCZUpoVbxJNBFUI8bJHyV+0ngCB g/CYD3zTCDIeWEZwn/Ru/291UiU9kSq2AkXAu3r63qObZYz1468BuQ== =V4/t -----END PGP SIGNATURE----- _______________________________________________ Enigmail mailing list Enigmail at mozdev.org https://www.mozdev.org/mailman/listinfo/enigmail La Facultad - Policlinico 26 de Julio Celebra el ??Aniversario 50 de la Revoluci?n Cubana ?? -------------- next part -------------- An HTML attachment was scrubbed... URL: From dkg at fifthhorseman.net Fri May 8 07:44:19 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 08 May 2009 10:44:19 -0400 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <0MKuxg-1M2KdV31vl-0000if@mrelayeu.kundenserver.de> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <0MKuxg-1M2KdV31vl-0000if@mrelayeu.kundenserver.de> Message-ID: <4A044543.6040305@fifthhorseman.net> On 05/08/2009 03:36 AM, Alexander Dahl wrote: > Can't you tell GnuPG in which language he should answer you? In shell > scripts I would set LANG=C and get the output regardless of user locale. This is problematic if enigmail ever exposes the gnupg output to the user, though. in that case, it should use the user's locale. Patrick, if you think gnupg should emit something parseable about locking on (for example) the --status-fd, it'd be worth bringing it up on gnupg-devel. It's a reasonable development community. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From patrick at mozilla-enigmail.org Fri May 8 07:53:58 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Fri, 08 May 2009 16:53:58 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A044543.6040305@fifthhorseman.net> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <0MKuxg-1M2KdV31vl-0000if@mrelayeu.kundenserver.de> <4A044543.6040305@fifthhorseman.net> Message-ID: <4A044786.6030805@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Daniel Kahn Gillmor wrote: > On 05/08/2009 03:36 AM, Alexander Dahl wrote: >> Can't you tell GnuPG in which language he should answer you? In shell >> scripts I would set LANG=C and get the output regardless of user locale. > > This is problematic if enigmail ever exposes the gnupg output to the > user, though. in that case, it should use the user's locale. > > Patrick, if you think gnupg should emit something parseable about > locking on (for example) the --status-fd, it'd be worth bringing it up > on gnupg-devel. It's a reasonable development community. right :-) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgRHhXcOpHodsOiwAQjceQf+N5ZNXNau/8TI+vSKRY65Q4TlP2mfQChT EHaRVJV6JWraFqFREckIhZYuT3kWcHtIy1l85zaft4ZiSrUxU01EGlHScgWQB1gd ZTiZYHEpJFIBImI4xCNKfvv9yKq2yhuqjjUZkYFlJH/XRPTifMUs2Pex7wFjeA3M 4xIWmardTHroEHan29HUsfh8DJXQxZVH3+cAbd2P/TIrb2oyKtJS8GGYZ8kmfjqa NLPsr2J7wZ0+MWzG458gIsI86Vf2nihj8h9YNDID3ztOpWvqo0KyEdyuhvwU4IS4 z/BVPY+QtCZ04xT8Pe1R01df/kCb/JwC4fmiLZY4Lvde3MmChYNxtA== =KsF9 -----END PGP SIGNATURE----- From georgi at forkbomb.nl Fri May 8 10:02:18 2009 From: georgi at forkbomb.nl (Georgi Hristozov) Date: Fri, 08 May 2009 20:02:18 +0300 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A03D5CD.9080101@mozilla-enigmail.org> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> Message-ID: <4A04659A.6080209@forkbomb.nl> Hi, Patrick Brunschwig ??????: > > > The problem is that GnuPG doesn't tell in a proper (i.e. parseable, > unique, non-localized) way that it's waiting for a lock. Checking for > something like "gpg: waiting for lock" doesn't succeed because the > message is different if GnuPG is used e.g. in German or French. > > -Patrick Isn't it possible for Enigmail to give up after a reasonable amount of time and tell the user that something's wrong with gpg? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 259 bytes Desc: OpenPGP digital signature URL: From faramir.cl at gmail.com Fri May 8 13:06:56 2009 From: faramir.cl at gmail.com (Faramir) Date: Fri, 08 May 2009 16:06:56 -0400 Subject: [Enigmail] HELLO In-Reply-To: References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> Message-ID: <4A0490E0.4070908@gmail.com> Jhony A Flores Balderrama(G11) escribi?: > > HOLA ..CHAVAL Q ES LO Q ME CUENTAS CO?O ....QUIERO UNA CUENTA DE CORREO > EN ESTA PAGINA .. http://enigmail.mozdev.org/ NO SE SI PODRIAS DARME, > POR QUE NECESITO COMUNICARME ....... Jhony, el sitio al que te refieres no es un proveedor de cuentas de correo electr?nico, sino que es un sitio para el desarrollo y distribuci?n del programa Enigmail, que es un agregado para instalar en Mozilla Thunderbird, y as? poder utilizar GnuPG con Thunderbird. La idea es que puedas usar GnuPG desde Thunderbird, pero en tu propia cuenta de correo (por ejemplo, las de gmail funcionan de maravilla). En resumen, el sitio provee herramientas para comunicarse, pero el e-mail lo debes conseguir en otro sitio. He would like to have an e-mail address in the site http://enigmail.mozdev.org, because he "needs to be able to communicate". I told him the site is to develop and release Enigmail, which is an addon for TB, enabling it to work with GnuPG, and that he needs to use his own e-mail address, and that gmail works fine for that purposes. Best Regards -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 550 bytes Desc: OpenPGP digital signature URL: From jmoore3rd at bellsouth.net Fri May 8 13:09:43 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Fri, 08 May 2009 16:09:43 -0400 Subject: [Enigmail] HELLO In-Reply-To: <4A0490E0.4070908@gmail.com> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <4A0490E0.4070908@gmail.com> Message-ID: <4A049187.6000106@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Faramir wrote: > He would like to have an e-mail address in the site > http://enigmail.mozdev.org, because he "needs to be able to communicate". > > I told him the site is to develop and release Enigmail, which is an > addon for TB, enabling it to work with GnuPG, and that he needs to use > his own e-mail address, and that gmail works fine for that purposes. Thanks again for the translation work. :-D JOHN ;) Timestamp: Friday 08 May 2009, 16:09 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn4995: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKBJGFAAoJEBCGy9eAtCsPS3AH/3bN2D3s9Nv23vbxyzqky2d7 wwLRQaO9VpQNPr/HImVkCkqiWBbB9cA29Rgk/dW6DT/JwbwO6ay0v9qa8xPaM9wE +hYvaewSHyv8Us5K6nfZ/BF6YJXWvxd8rFPzH0CQOwN4KffWKYwn7bWFEpkyBLo9 SV6byfAx0/fwS/goo08oo7c15keP2WTeG5rLFRSHgUm4LxjNzaPmho8X+4nDWtbi 6g/fpjWO8I1MeEhlxbNtse19bG90M2GXzhWia1lr0Z9//hmOguD4sb6i4+BRp7TI k4tXrxv1VBispaWYAUFNnqVexcd2Y774Hg/XDmvQ37sSnCMkGzvlbU9QY3O+5C0= =nLcp -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Fri May 8 13:11:08 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 08 May 2009 16:11:08 -0400 Subject: [Enigmail] HELLO In-Reply-To: <4A0490E0.4070908@gmail.com> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <4A0490E0.4070908@gmail.com> Message-ID: <4A0491DC.2010807@sixdemonbag.org> Faramir wrote: > I told him the site is to develop and release Enigmail, which is an > addon for TB, enabling it to work with GnuPG, and that he needs to use > his own e-mail address, and that gmail works fine for that purposes. Thank you for the translation, Faramir! From John at Mozilla-Enigmail.org Fri May 8 13:36:49 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Fri, 08 May 2009 15:36:49 -0500 Subject: [Enigmail] HELLO In-Reply-To: <4A0490E0.4070908@gmail.com> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <4A0490E0.4070908@gmail.com> Message-ID: <4A0497E1.7030709@Mozilla-Enigmail.org> Faramir wrote: > He would like to have an e-mail address in the site > http://enigmail.mozdev.org, because he "needs to be able to communicate". > > I told him the site is to develop and release Enigmail, which is an > addon for TB, enabling it to work with GnuPG, and that he needs to use > his own e-mail address, and that gmail works fine for that purposes. ?Gracias por el trabajo de traducci?n! Would you pass on that hijacking a thread is very poor netiquette. It is much better to begin with a clean email and start a new thread than to reply to an existing message and change the subject. -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From faramir.cl at gmail.com Fri May 8 14:23:23 2009 From: faramir.cl at gmail.com (Faramir) Date: Fri, 08 May 2009 17:23:23 -0400 Subject: [Enigmail] About (Re: HELLO) Message-ID: <4A04A2CB.9060301@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 John Clizbe escribi?: > Faramir wrote: ... >> I told him the site is to develop and release Enigmail, which is an >> addon for TB, enabling it to work with GnuPG, and that he needs to use >> his own e-mail address, and that gmail works fine for that purposes. > > ?Gracias por el trabajo de traducci?n! You are welcome ;) > Would you pass on that hijacking a thread is very poor netiquette. It is > much better to begin with a clean email and start a new thread than to > reply to an existing message and change the subject. Sorry, I didn't think about that at that time, I'll be more careful in future. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJKBKLKAAoJEMV4f6PvczxAV0UH/jOOafK/45PbPmf5OPx5S0Wq Kg44oGiBziGvJ8S89Ghn2LM6nPaCTJHWxdBxintObq0lz1kwWg2rLvPX+7f9GYPz SigqK3+bN+SwBEUTubrkqQi2NZ3+EOqMWQCwqGShm91z/sZ7E2RKzkMlXPFubnuR F2jUPGMOtU1cIwwp7ah4ZC/VPDabmM19mIESKGxez2tBrrab1mJFLS2sf2/Ho6xE cz0UttwCwvuBFp106XrD/BM4zLAPWzwVnpRhs6w0N2lXkR38w4XeWzbAInLXEDsx 9fFZpMKh3o7uYnxcpceMOXW9o8HTp3cb4imZIA16gEHAi1r88hr9SzBn44JJD1Y= =VEfb -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Fri May 8 15:16:26 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 08 May 2009 18:16:26 -0400 Subject: [Enigmail] About (Re: HELLO) In-Reply-To: <4A04A2CB.9060301@gmail.com> References: <4A04A2CB.9060301@gmail.com> Message-ID: <4A04AF3A.5010201@sixdemonbag.org> Faramir wrote: > Sorry, I didn't think about that at that time, I'll be more careful in > future. We're certainly not angry about it, Faramir. :) Besides, hindsight is always 20/20. From l.dobrev at gmail.com Sat May 9 12:19:00 2009 From: l.dobrev at gmail.com (Lachezar Dobrev) Date: Sat, 9 May 2009 22:19:00 +0300 Subject: [Enigmail] Enigmail on Ubuntu 9.04 In-Reply-To: <90266c3f0905050812r75a1d6du260dc9376d1bffbc@mail.gmail.com> References: <4A004877.5060609@sixdemonbag.org> <90266c3f0905050812r75a1d6du260dc9376d1bffbc@mail.gmail.com> Message-ID: <90266c3f0905091219p1be8085aq887b617bfd0c0d24@mail.gmail.com> Could somebody tell me if this message got through? I didn't see a confirmation message, and also I don't see it on list archives. 2009/5/5 Lachezar Dobrev : > ?I found out, that integrating with Ubuntu is the better option. > ?1. In the User Settings open the Encryption/Keyring options (sorry, using non-English interface) > ?2. Choose there to remember the password for let's say 5 minutes, rather than the default. > ?3. Un-check the 'Ask before using remembered...' > ?4. In Thunderbird open Enigmail's settings. > ?5. Turn on the 'Do not ask for any passphrase'. > ?6. Turn on the 'Display expert settings' > ?7. Select OK. > ?8. Open Engimail settings again. > ?9. Go to Advanced tab. > ?10. Turn on 'Use gpg-agent for passphrases'. > > ?A defect occurs, if you have visual effects turned on: when the > password question pop-up occurs it is often displayed behind the > Enigmail window, but has focus. > > 2009/5/5 Robert J. Hansen : >> Since upgrading to Ubuntu 9.04, I've discovered a weird behavior: >> despite having my passphrase cache set to a nice high value, Enigmail >> refuses to cache my passphrase for any length of time. ?Each and every >> encrypted email I receive requires me to re-enter a passphrase all over >> again. >> >> This occurs using official Ubuntu packages. >> >> Anyone know what's going on? >> _______________________________________________ >> Enigmail mailing list >> Enigmail at mozdev.org >> https://www.mozdev.org/mailman/listinfo/enigmail >> > From olav at mozilla-enigmail.org Sat May 9 12:55:29 2009 From: olav at mozilla-enigmail.org (Olav Seyfarth) Date: Sat, 09 May 2009 21:55:29 +0200 Subject: [Enigmail] Enigmail on Ubuntu 9.04] Message-ID: <4A05DFB1.8080106@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Lachezar, > Could somebody tell me if this message got through? > I didn't see a confirmation message, and also I don't see it on list archives. Yes, I received your message (attached). Olav -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Diese ist eine Digitale Signatur nach OpenPGP-Standard Comment: http://privat.seyfarth.de/olav/schluessel.html iEYEAREIAAYFAkoF37AACgkQL/NBt8fdKe1HRwCgu7P5NqdfBnXu8HpTlMqdnZZo UQYAnRXibSopxQUgzzcvVRd4qLwbZAZj =nYnk -----END PGP SIGNATURE----- -------------- next part -------------- An embedded message was scrubbed... From: Lachezar Dobrev Subject: Re: [Enigmail] Enigmail on Ubuntu 9.04 Date: Tue, 5 May 2009 18:12:21 +0300 Size: 6073 URL: From patrick at mozilla-enigmail.org Mon May 11 00:12:50 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Mon, 11 May 2009 09:12:50 +0200 Subject: [Enigmail] Enigmail hanging after unclean gpg shutdown In-Reply-To: <4A04659A.6080209@forkbomb.nl> References: <4A0318A6.5000105@lecavelier.name> <4A03D5CD.9080101@mozilla-enigmail.org> <4A04659A.6080209@forkbomb.nl> Message-ID: <4A07CFF2.9020207@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Georgi Hristozov wrote: > Hi, > > Patrick Brunschwig ??????: >> >> >> The problem is that GnuPG doesn't tell in a proper (i.e. parseable, >> unique, non-localized) way that it's waiting for a lock. Checking for >> something like "gpg: waiting for lock" doesn't succeed because the >> message is different if GnuPG is used e.g. in German or French. >> >> -Patrick > > Isn't it possible for Enigmail to give up after a reasonable amount of > time and tell the user that something's wrong with gpg? Not without rewriting half of the backend. But I just learned that the authors of GnuPG have enhanced the algorithm for detecting dead lock files; the problem will thus go away automatically. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgfP8XcOpHodsOiwAQi2WAgAjHO8XnY+LefvB1+3AZexZoZiwoPd9XOC 7c/V88H2nlbrjolZy/t3Ko/QBHtJDcFR4bC1gtbplVmhH+GamYujKHu7mZFrFEgD 1wOLXprv2CpUCO5uLjdEe8wubBDAwOSlnMjDK2NCfOxbcrsHYd6uaqEd2rTwn617 Ib6hyuz5ugqT5uS4ud5vstaOO0zvJ2g8H0HeK/hAyhXlESFwIIhUhFVLq0EVCrkA 1MURUMEHOwxUXPi1f1/63TyvLp9kqAlXu/fCBrWCrhRa6d9TLApQNg95WF2Chx9Z 7TrwpURjaBdPGcB9REWzHSeJ7fqc3BidACqLV33GoW+zZC18qYNw5g== =NNw+ -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Tue May 12 08:18:23 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Tue, 12 May 2009 17:18:23 +0200 Subject: [Enigmail] About Supprting BCCed Recipients Message-ID: <4A09933F.3080807@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Up to now, Enigmail gave a warning if encrypted emails are sent to BCCed recipients because GnuPG would store the key ID's of all recipients in the encrypted message. In order to overcome this privacy issue, there is an option that allows to tell GnuPG not to write some of the key ID's into an encrypted message ("--no-throw-keyids" and "--hidden-recipient"). If such "anonymous" key ID's are found in a message, GnuPG would probe all secret keys until one of them allows to decrypt the message. Unfortunately, hiding the keys in a message is an optional part of the OpenPGP standard; PGP (in particular) is known not to support it. And here comes my question: please help us out by lettings us know how many of your correspondents use a tool like PGP such that they would not be able to decrypt messages with hidden keys by participating in the poll on our forum: Thanks, Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgmTPncOpHodsOiwAQi4KggAuM4MgxMZR4qeDHSnMuSWxaIMBv5vtFDN W1sJ0tFsnDCZD9ghzRhngsRYIIM80fB2HTkVffe0Yql1Dt6FkKWGwXtdxCE/tKUs tSLrQkF99uG9P6pgawt3cOEpnG5wL+jzbwVCFfn7k1RVLJ1uH6YAZ64oV0GlMUTz 0IDnIv4tZFFwBu8e9vM7Tt6Ji/rJQ5XRtoqizpTs2MzBRfvUB0IRhloglxthHWiy 2DM0UUZQqJaSRTj2uEPi4wn6hCW9JEFldFri0FSiqt4WHemN/1rQsQAnww4d1EFn IkPJ1PECktGToJ0WfKO9pGJSLSrldk/60XIrGYe0ewBuNM41ZtRS2Q== =UGuP -----END PGP SIGNATURE----- From hrickards at l33tmyst.com Tue May 12 08:50:54 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Tue, 12 May 2009 16:50:54 +0100 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A09933F.3080807@mozilla-enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> Message-ID: <4A099ADE.4010407@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/12/09 16:18, Patrick Brunschwig wrote: > Up to now, Enigmail gave a warning if encrypted emails are sent to BCCed > recipients because GnuPG would store the key ID's of all recipients in > the encrypted message. In order to overcome this privacy issue, there is > an option that allows to tell GnuPG not to write some of the key ID's > into an encrypted message ("--no-throw-keyids" and > "--hidden-recipient"). If such "anonymous" key ID's are found in a > message, GnuPG would probe all secret keys until one of them allows to > decrypt the message. > > Unfortunately, hiding the keys in a message is an optional part of the > OpenPGP standard; PGP (in particular) is known not to support it. > > And here comes my question: please help us out by lettings us know how > many of your correspondents use a tool like PGP such that they would not > be able to decrypt messages with hidden keys by participating in the > poll on our forum: > > > Thanks, > Patrick Although I agree this is needed, perhaps a forum poll isn't the best way for user's to vote (for need of a better word). I know I certainly think it would be a lot easier just replying to this email than say: going to the link above, logging in (or registering for some people) and voting. This may be why there's only been one vote so far (as well as it's only been half an hour since you started the thread). Would it be possible for you to setup some sort of email based poll on this mailing list, as I think a lot more people would vote then. For now, if anyone wants to vote without having to register an account, etc, I'll vote for them if they send me an email to hrickards at l33tmyst.com encrypted with my GPG key - 1024D/646ED06A. That is, after the administrator of the forum approves my account (see how long it will take people to vote, most people will not bother.) Thanks - -- Many thanks Harry Rickards - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkoJmt4ACgkQ1kZz3mRu0GrjcwCfR1ow2TryvS8OtyA0U5dfuSsp EEYAn3eZQ88lmmY54mflhISaK89fZMHe =GTim -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Tue May 12 09:19:50 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Tue, 12 May 2009 18:19:50 +0200 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A099ADE.4010407@l33tmyst.com> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> Message-ID: <4A09A1A6.8020007@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Harry Rickards wrote: > On 05/12/09 16:18, Patrick Brunschwig wrote: >> Up to now, Enigmail gave a warning if encrypted emails are sent to BCCed >> recipients because GnuPG would store the key ID's of all recipients in >> the encrypted message. In order to overcome this privacy issue, there is >> an option that allows to tell GnuPG not to write some of the key ID's >> into an encrypted message ("--no-throw-keyids" and >> "--hidden-recipient"). If such "anonymous" key ID's are found in a >> message, GnuPG would probe all secret keys until one of them allows to >> decrypt the message. > >> Unfortunately, hiding the keys in a message is an optional part of the >> OpenPGP standard; PGP (in particular) is known not to support it. > >> And here comes my question: please help us out by lettings us know how >> many of your correspondents use a tool like PGP such that they would not >> be able to decrypt messages with hidden keys by participating in the >> poll on our forum: >> > >> Thanks, >> Patrick > > Although I agree this is needed, perhaps a forum poll isn't the best way > for user's to vote (for need of a better word). I know I certainly think > it would be a lot easier just replying to this email than say: going to > the link above, logging in (or registering for some people) and voting. > This may be why there's only been one vote so far (as well as it's only > been half an hour since you started the thread). > > Would it be possible for you to setup some sort of email based poll on > this mailing list, as I think a lot more people would vote then. For > now, if anyone wants to vote without having to register an account, etc, > I'll vote for them if they send me an email to hrickards at l33tmyst.com > encrypted with my GPG key - 1024D/646ED06A. That is, after the > administrator of the forum approves my account (see how long it will > take people to vote, most people will not bother.) Thanks I forgot that the forum needs registration. Those who don't want to register can send an email to the following address: poll at mozilla-enigmail.org Please indicate your answer to the following question: How many of your correspondents use a product (like PGP) that doesn't support hidden keys? [ ] More than 50% [ ] Between 20% and 50% [ ] Less than 20% [ ] None (i.e. 0%) [ ] I don't know what software my correspondents use for encrypting messages Thanks again - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgmhoHcOpHodsOiwAQh2Jgf+JEWNYHdsKl4NJp6P7Zf1h4l3ehnYraVV oRIAj1aSDpIQKBa2CO4/YITDufuFgR8NLyzidZoNZC39MYZbd5xQccr3l6YTulhq 81KRJhhDjV+ZHVQPp5XmM6ftW3nypbDBl4U+5UY7ZvviHIESsVdwdF0CLKsEopXJ YfYlypFlZpy4PkL5q4FExobxsNfwaqqCFugsyu96+xhdmqyeVN35VVaYF1BQDXDu HHsT1rtXImcA3KwRcLEbdAyV6ViMO2fRp3H6f4yoCLtGMHQdaxrcJiTN+WlU6oV3 ILich8ZAJrNhBn4hTjJCaf0OEL9gVT9JntcP9l4NdpFIlSoHthnFTA== =OXUV -----END PGP SIGNATURE----- From dkg at fifthhorseman.net Tue May 12 09:58:44 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 12 May 2009 12:58:44 -0400 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A09A1A6.8020007@mozilla-enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> Message-ID: <4A09AAC4.7070708@fifthhorseman.net> On 05/12/2009 12:19 PM, Patrick Brunschwig wrote: > I forgot that the forum needs registration. Those who don't want to > register can send an email to the following address: > poll at mozilla-enigmail.org > > Please indicate your answer to the following question: > > How many of your correspondents use a product (like PGP) that doesn't > support hidden keys? > > [ ] More than 50% > [ ] Between 20% and 50% > [ ] Less than 20% > [ ] None (i.e. 0%) > [ ] I don't know what software my correspondents use for encrypting messages I believe that everyone who participates on public mailing lists like this one *must* answer in the latter category, simply because we have no idea who else is subscribed to the lists we use. Of course, mails sent to lists are not usually encrypted so perhaps this doesn't matter. Perhaps it should be rephrased as "how many people do you send encrypted mail to that cannot read it with hidden keys?" Even so, it seems like we might be asking the wrong people. Also, please don't enable hidden recipients by setting --no-throw-ids, which paints with far too wide a brush. Better to use --hidden-recipient for the specifically Bcc'ed folks. Most simply, i could see this as the default behavior (--hidden-recipient for Bcc), with the ability to set a per-recipient rule disabling the feature. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From jmoore3rd at bellsouth.net Tue May 12 10:44:47 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Tue, 12 May 2009 13:44:47 -0400 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A09933F.3080807@mozilla-enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> Message-ID: <4A09B58F.8050203@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Patrick Brunschwig wrote: > And here comes my question: please help us out by lettings us know how > many of your correspondents use a tool like PGP such that they would not > be able to decrypt messages with hidden keys by participating in the > poll on our forum: > As of now I know of 3 + Me. ;) JOHN 8-) Timestamp: Tuesday 12 May 2009, 13:44 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn4995: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKCbWNAAoJEBCGy9eAtCsP9j8IAJIDLevbA/1kSRLtyc2jwaIb /3XmcI7ofgFmhYI9QijbZrmGLI6u1qnqrY66owuL+Z3LAhHDZXOC2B5HQ62Jn1NP NfOA/s2+dV7MvLIF/GrJshHRvdYVXNd6xU8aUjB6+CeTWbu02JayJQaXK2LldsIA /oENbA75xGyXHWaG5E71zI23ywmZs9EKxfVBzC8W9Uig7MJHFMRHADfXRusig7KR hvGJrGmSXu2Q2bBM8znxlAZh9V0Nh95YWCxpdXvtk5FPfLDmSoFc2fN9Qxb/lR2j jk+wIHXwP7cxkqN2PZwxeOKiPc00DNa8NMuAHzfWRD7/lqPhFeRxoSatgybBzmQ= =5105 -----END PGP SIGNATURE----- From olav at mozilla-enigmail.org Wed May 13 07:06:28 2009 From: olav at mozilla-enigmail.org (Olav Seyfarth) Date: Wed, 13 May 2009 16:06:28 +0200 Subject: [Enigmail] Ubuntu Seamonkey Enigmail In-Reply-To: <49DB88F3.1040200@rainydayz.org> References: <49D925FF.3070209@rainydayz.org> <49DB77F7.5070300@fifthhorseman.net> <49DB88F3.1040200@rainydayz.org> Message-ID: <4A0AD3E4.3010101@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Andy, >>> New builds for the upcoming 9.04 Jaunty release of Ubuntu >>> http://www.mozilla-enigmail.org/forum/viewtopic.php?f=12&t=588 >> How do these differ from the packages distributed by ubuntu itself? >> http://packages.ubuntu.com/enigmail > The Ubuntu packages only support Thunderbird - these builds are for > Seamonkey. According to http://packages.ubuntu.com/jaunty/enigmail the distro package should work for both Thunderbird and Seamonkey. Does it not? Olav -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Diese ist eine Digitale Signatur nach OpenPGP-Standard Comment: http://privat.seyfarth.de/olav/schluessel.html iEYEAREIAAYFAkoK0+MACgkQL/NBt8fdKe1+2QCgxEZ2qGms/QMwSDkQsBvhL5fD YWMAn3ovZcWbS3c4bZaFv56D6FOnPtuy =MuVV -----END PGP SIGNATURE----- From andy.ruddock at rainydayz.org Wed May 13 08:56:17 2009 From: andy.ruddock at rainydayz.org (Andy Ruddock) Date: Wed, 13 May 2009 17:56:17 +0200 Subject: [Enigmail] Ubuntu Seamonkey Enigmail In-Reply-To: <4A0AD3E4.3010101@mozilla-enigmail.org> References: <49D925FF.3070209@rainydayz.org> <49DB77F7.5070300@fifthhorseman.net> <49DB88F3.1040200@rainydayz.org> <4A0AD3E4.3010101@mozilla-enigmail.org> Message-ID: <4A0AEDA1.5080206@rainydayz.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Olav Seyfarth wrote: > Hi Andy, > >>>> New builds for the upcoming 9.04 Jaunty release of Ubuntu >>>> http://www.mozilla-enigmail.org/forum/viewtopic.php?f=12&t=588 >>> How do these differ from the packages distributed by ubuntu itself? >>> http://packages.ubuntu.com/enigmail >> The Ubuntu packages only support Thunderbird - these builds are for >> Seamonkey. > > According to http://packages.ubuntu.com/jaunty/enigmail the distro > package should work for both Thunderbird and Seamonkey. Does it not? > > Olav That page does sort of imply that the package will work with seamonkey - but it doesn't. dpkg -l enigmail -> Enigmail - GPG suppport for Thunderbird Also, although the package page indicates that enigmail requires either thunderbird or seamonkey-mailnews, at the top of the page it says "OpenPGP extension for Thunderbird" I've just tried it to be certain. On a machine that already had Thunderbird & Enigmail installed I installed seamonkey. Enigmail support conspicuous by its absence, so I re-installed enigmail - again, no enigmail support in seamonkey. - -- Andy Ruddock - ------------ andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoK7Z4ACgkQfSkWkaYi1FJhFwCfXGRbPaD5EnNZujkxpNx1fVFR 3o8An2XkrBJuwlPKaZhaTcw88+NxZccH =A4QN -----END PGP SIGNATURE----- From olav at mozilla-enigmail.org Wed May 13 09:18:21 2009 From: olav at mozilla-enigmail.org (Olav Seyfarth) Date: Wed, 13 May 2009 18:18:21 +0200 Subject: [Enigmail] Ubuntu Seamonkey Enigmail In-Reply-To: <4A0AEDA1.5080206@rainydayz.org> References: <49D925FF.3070209@rainydayz.org> <49DB77F7.5070300@fifthhorseman.net> <49DB88F3.1040200@rainydayz.org> <4A0AD3E4.3010101@mozilla-enigmail.org> <4A0AEDA1.5080206@rainydayz.org> Message-ID: <4A0AF2CD.6000802@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Andy, thanks a lot for testing. Could you please tell the maintainer team (via launchpad) about your findings (e.g. by posting your last enigmail list message there)? Olav -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Diese ist eine Digitale Signatur nach OpenPGP-Standard Comment: http://privat.seyfarth.de/olav/schluessel.html iEYEAREIAAYFAkoK8s0ACgkQL/NBt8fdKe1RigCfYhs58Zx/diTFQnxqPo8AB/b9 1h4An2CxNRMZlWkLx1nB+CDdWbbCnNkO =MVym -----END PGP SIGNATURE----- From andy.ruddock at rainydayz.org Wed May 13 10:51:57 2009 From: andy.ruddock at rainydayz.org (Andy Ruddock) Date: Wed, 13 May 2009 19:51:57 +0200 Subject: [Enigmail] Ubuntu Seamonkey Enigmail In-Reply-To: <4A0AF2CD.6000802@mozilla-enigmail.org> References: <49D925FF.3070209@rainydayz.org> <49DB77F7.5070300@fifthhorseman.net> <49DB88F3.1040200@rainydayz.org> <4A0AD3E4.3010101@mozilla-enigmail.org> <4A0AEDA1.5080206@rainydayz.org> <4A0AF2CD.6000802@mozilla-enigmail.org> Message-ID: <4A0B08BD.7010906@rainydayz.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Olav Seyfarth wrote: > Hi Andy, > > thanks a lot for testing. Could you please tell the maintainer team > (via launchpad) about your findings (e.g. by posting your last enigmail > list message there)? > > Olav https://bugs.launchpad.net/ubuntu/+source/enigmail/+bug/376132 - -- Andy Ruddock - ------------ andy.ruddock at rainydayz.org (GPG Key ID 0xA622D452) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoLCLoACgkQfSkWkaYi1FIuPwCgtshilOvYy6ctQb4u7gzxD6eW 9Z4An2zRjirJ7QAkOSXhik1AN2yGXGg2 =Ydxj -----END PGP SIGNATURE----- From patrick at mozilla-enigmail.org Wed May 13 12:31:32 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 13 May 2009 21:31:32 +0200 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A09AAC4.7070708@fifthhorseman.net> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> Message-ID: <4A0B2014.3020906@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Daniel Kahn Gillmor wrote: > On 05/12/2009 12:19 PM, Patrick Brunschwig wrote: >> I forgot that the forum needs registration. Those who don't want to >> register can send an email to the following address: >> poll at mozilla-enigmail.org >> >> Please indicate your answer to the following question: >> >> How many of your correspondents use a product (like PGP) that doesn't >> support hidden keys? >> >> [ ] More than 50% >> [ ] Between 20% and 50% >> [ ] Less than 20% >> [ ] None (i.e. 0%) >> [ ] I don't know what software my correspondents use for encrypting messages > > I believe that everyone who participates on public mailing lists like > this one *must* answer in the latter category, simply because we have no > idea who else is subscribed to the lists we use. Of course, mails sent > to lists are not usually encrypted so perhaps this doesn't matter. Right, in addition I wouldn't necessarily call mailing lists as "correspondents"; you often don't write mails to someone specifically on a mailing list. > Perhaps it should be rephrased as "how many people do you send encrypted > mail to that cannot read it with hidden keys?" Even so, it seems like > we might be asking the wrong people. I'm very well aware of the fact that most (if not very close to all) people subscribed to this mailing list are using GnuPG and/or are otherwise interested in Enigmail or Open Source software. This certainly leads to a biased result. However, other user groups might not even know what software they use for encryption, not to talk of their correspondents. > Also, please don't enable hidden recipients by setting --no-throw-ids, > which paints with far too wide a brush. Better to use > --hidden-recipient for the specifically Bcc'ed folks. > > Most simply, i could see this as the default behavior > (--hidden-recipient for Bcc), with the ability to set a per-recipient > rule disabling the feature. As with most features, it's possible to design simple ways to support them, like adding "--no-throw-keyids" (which would take me less than 1 hour to implement and test), and complex solutions that go as far as extending the per-recipient rules (which would require at least several days of work). Given that I'm working on Enigmail during my very limited free time, you might agree that I'm probably better off developing something really useful, and not invest several days just to support the special case of a few users who want to fully automate the sending of encrypted messages to BCC'ed recipients who use software that doesn't fully support some specific optional part of the OpenPGP standard ;-) - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgsgEncOpHodsOiwAQg5XAf/XwbLpT2k+6aCVL2XQnBk5jP/BdAs0YF3 dH1Ju9vAuvkcGApltmzlF1SOxndc+cz2uDEfAVkVG5fifbyQw8EEx0PYkjgMRFzh UdhDgWKhNov9p3YdtN9/8bMy+zfFmDJGKQuia0mQSA9f9zlO1NKaI9mrfqWYXvPo OBUzYUU9k7V3K0Jz/0BWzFTTWq5YpLiGqEy/KcpoG/b7i0cc6Nu1KlP2OcOOtQPb QRKWIKrLYWuVza+88TGwVjHaIcDeJNO+EGdtQO/+yINN4p6Alqj3QKORvLlAX7qE bj1kR+gsdKJ59YSDbUiw8tdyL6FVqCPvcjY4YfgUKhQPqa+8MeixQg== =L1P6 -----END PGP SIGNATURE----- From dkg at fifthhorseman.net Wed May 13 13:12:23 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 13 May 2009 16:12:23 -0400 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B2014.3020906@mozilla-enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> Message-ID: <4A0B29A7.5080908@fifthhorseman.net> On 05/13/2009 03:31 PM, Patrick Brunschwig wrote: > As with most features, it's possible to design simple ways to support > them, like adding "--no-throw-keyids" (which would take me less than 1 > hour to implement and test), and complex solutions that go as far as > extending the per-recipient rules (which would require at least several > days of work). I appreciate that extending per-recipient rules is more work. But please don't just add --throw-keyids (note that the negation is a little wacky on this option) in general, because it adds additional cost to *every* recipient, not just the Bcc contacts. Each client will need to try to decrypt every session key in turn until they find the one that is encrypted to their key. For messages with N recipients, this increases the time to decrypt the message by a factor of N/2. As keysizes get larger, this cost scales up :( > Given that I'm working on Enigmail during my very limited free time, you > might agree that I'm probably better off developing something really > useful, and not invest several days just to support the special case of > a few users who want to fully automate the sending of encrypted messages > to BCC'ed recipients who use software that doesn't fully support some > specific optional part of the OpenPGP standard ;-) If we're making those kind of tradeoffs (i think they're reasonable tradeoffs to make), i'd say that adding --hidden-recipient for each Bcc'ed recipient is the way to go, and leave per-recipient rules as a later project if people complain. This keeps the the UI cleaner anyway. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 890 bytes Desc: OpenPGP digital signature URL: From John at Mozilla-Enigmail.org Wed May 13 13:48:30 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Wed, 13 May 2009 15:48:30 -0500 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B29A7.5080908@fifthhorseman.net> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> Message-ID: <4A0B321E.1040401@Mozilla-Enigmail.org> Daniel Kahn Gillmor wrote: > On 05/13/2009 03:31 PM, Patrick Brunschwig wrote: > I appreciate that extending per-recipient rules is more work. But > please don't just add --throw-keyids (note that the negation is a little > wacky on this option) in general, because it adds additional cost to > *every* recipient, not just the Bcc contacts. Each client will need to > try to decrypt every session key in turn until they find the one that is > encrypted to their key. > > For messages with N recipients, this increases the time to decrypt the > message by a factor of N/2. As keysizes get larger, this cost scales up :( > >> Given that I'm working on Enigmail during my very limited free time, you >> might agree that I'm probably better off developing something really >> useful, and not invest several days just to support the special case of >> a few users who want to fully automate the sending of encrypted messages >> to BCC'ed recipients who use software that doesn't fully support some >> specific optional part of the OpenPGP standard ;-) > > If we're making those kind of tradeoffs (i think they're reasonable > tradeoffs to make), i'd say that adding --hidden-recipient for each > Bcc'ed recipient is the way to go, and leave per-recipient rules as a > later project if people complain. This keeps the the UI cleaner anyway. --hidden-recipient _WAS_ the suggested method from the beginning. https://www.mozdev.org/bugs/show_bug.cgi?id=20867 Summary:RFE: Pass BCC recip to gpg with --hidden-recipient instead of -r -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From patrick at mozilla-enigmail.org Wed May 13 13:57:03 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Wed, 13 May 2009 22:57:03 +0200 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B29A7.5080908@fifthhorseman.net> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> Message-ID: <4A0B341F.8050404@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Daniel Kahn Gillmor wrote: > On 05/13/2009 03:31 PM, Patrick Brunschwig wrote: >> As with most features, it's possible to design simple ways to support >> them, like adding "--no-throw-keyids" (which would take me less than 1 >> hour to implement and test), and complex solutions that go as far as >> extending the per-recipient rules (which would require at least several >> days of work). > > I appreciate that extending per-recipient rules is more work. But > please don't just add --throw-keyids (note that the negation is a little > wacky on this option) in general, because it adds additional cost to > *every* recipient, not just the Bcc contacts. Each client will need to > try to decrypt every session key in turn until they find the one that is > encrypted to their key. Of course I'm aware of the implications. But unfortunately, it seems that GnuPG also tries to alwys probe the anonymous key ID's -- even if some known key ID with existing secret key is available. But that's a different story. In any case, I would not introduce a potential compatibility issue with other systems without informing or asking the user. > For messages with N recipients, this increases the time to decrypt the > message by a factor of N/2. As keysizes get larger, this cost scales up :( > >> Given that I'm working on Enigmail during my very limited free time, you >> might agree that I'm probably better off developing something really >> useful, and not invest several days just to support the special case of >> a few users who want to fully automate the sending of encrypted messages >> to BCC'ed recipients who use software that doesn't fully support some >> specific optional part of the OpenPGP standard ;-) > > If we're making those kind of tradeoffs (i think they're reasonable > tradeoffs to make), i'd say that adding --hidden-recipient for each > Bcc'ed recipient is the way to go, and leave per-recipient rules as a > later project if people complain. This keeps the the UI cleaner anyway. Unfortunately this option is not always feasible (which is the main reason for the poll). Imagine an email sent to R1 and R2, bcc: to B1 and B2. For whatever reason R2 and B2 don't have a key corresponding to their email address, nor any defined per-recipient rules. The key selection dialog is opened and the user selects the two additional keys. But ... which of the selected keys belongs to B2 and should be hidden? The dialog can't link the not found email addresses with the selected keys. All it does is to create a list of key ID's, starting with some given email addresses plus user input to (de-)select keys. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgs0HncOpHodsOiwAQjNywf/T1KT2jY8HOFXXuCi4rmFO0Gu9JPM5/Y1 0n7T6dgFDlbgMMqBRWmySW0jzm6I/ixDvq9EiSXfYLBffwX+Wx0KydElNs0MuWT8 LWGIM2OPC/ore6N5e7QCCMVWkEJ0CmPPZVTpeYInjULS0mpwaujw2S5awyK7hSrd WMR3MvaoJT8Zdx4fJQQ+VjJxHQZe0oh+pY8bEgXDugahKiC6/C901tBRAJOy8XY+ ZiSIpc4n6Qc4FAJ8V9enNsh85540oruQb4324TYnWO2RShMmr4kF+xJvpF7AxSNY qrTl3U4cGJGBX2X5/suTxE3Flsdd4v+9oV24NOkbutm7t+vOqvuySg== =bJT1 -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Wed May 13 14:01:34 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 13 May 2009 17:01:34 -0400 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B321E.1040401@Mozilla-Enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> <4A0B321E.1040401@Mozilla-Enigmail.org> Message-ID: <4A0B352E.6000801@sixdemonbag.org> John Clizbe wrote: > https://www.mozdev.org/bugs/show_bug.cgi?id=20867 > Summary:RFE: Pass BCC recip to gpg with --hidden-recipient instead of -r Given this RFE has such a large potential impact on users and there is no consensus for if it should be implemented, I think this RFE needs to be tagged NOTNOW and work shifted to other things in the RFE queue. I do not think this RFE is ripe for implementation. Let's keep discussing it, sure -- but let's not implement it now. Six months from now, maybe. From John at Mozilla-Enigmail.org Wed May 13 14:11:39 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Wed, 13 May 2009 16:11:39 -0500 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B352E.6000801@sixdemonbag.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> <4A0B321E.1040401@Mozilla-Enigmail.org> <4A0B352E.6000801@sixdemonbag.org> Message-ID: <4A0B378B.3050904@Mozilla-Enigmail.org> Robert J. Hansen wrote: > John Clizbe wrote: >> https://www.mozdev.org/bugs/show_bug.cgi?id=20867 >> Summary:RFE: Pass BCC recip to gpg with --hidden-recipient instead of -r > > Given this RFE has such a large potential impact on users and there is > no consensus for if it should be implemented, I think this RFE needs to > be tagged NOTNOW and work shifted to other things in the RFE queue. > > I do not think this RFE is ripe for implementation. Let's keep > discussing it, sure -- but let's not implement it now. Six months from > now, maybe. Given Patrick's clarification about the key selection dialog, I agree. That's an awfully snarly issue that needs resolved first. Let's take it back to the devel list and beat on it a bit more. -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From ammdias at gmail.com Wed May 13 14:08:49 2009 From: ammdias at gmail.com (Antonio Manuel Dias) Date: Wed, 13 May 2009 22:08:49 +0100 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B341F.8050404@mozilla-enigmail.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> <4A0B341F.8050404@mozilla-enigmail.org> Message-ID: <4A0B36E1.8060801@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello. Patrick Brunschwig escreveu: > Unfortunately this option is not always feasible (which is the main > reason for the poll). Imagine an email sent to R1 and R2, bcc: to B1 and > B2. For whatever reason R2 and B2 don't have a key corresponding to > their email address, nor any defined per-recipient rules. The key > selection dialog is opened and the user selects the two additional keys. > But ... which of the selected keys belongs to B2 and should be hidden? > The dialog can't link the not found email addresses with the selected > keys. All it does is to create a list of key ID's, starting with some > given email addresses plus user input to (de-)select keys. I think this could be solved by presenting the key selection dialog two times, one for the 'normal' recipients (TO and CC) and another for the BCC recipients. This way enigmail would know to which keys to add the - --hidden-recipient switch. - -- Ant?nio Manuel Dias http://maracuja.homeip.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREKAAYFAkoLNtsACgkQQA/4v1NM9BGWqACgitrSY5m6EphOp79740/9mlZM hkAAoIKBdDF60rr9NCwSsYO6zqf8HfhY =2cxy -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Wed May 13 17:48:44 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 13 May 2009 20:48:44 -0400 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B36E1.8060801@gmail.com> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> <4A0B341F.8050404@mozilla-enigmail.org> <4A0B36E1.8060801@gmail.com> Message-ID: <4A0B6A6C.8040405@sixdemonbag.org> Antonio Manuel Dias wrote: > I think this could be solved by presenting the key selection dialog two > times, one for the 'normal' recipients (TO and CC) and another for the > BCC recipients. This way enigmail would know to which keys to add the > --hidden-recipient switch. Unacceptable. We had this discussion on the -devel list a while ago, when we took a look at in the worst case how many screens Enigmail will pop up at you before you're actually able to send your email. It was either seven or nine, I don't remember which. I don't want to see it become either eight or ten. From patrick at mozilla-enigmail.org Wed May 13 23:26:45 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Thu, 14 May 2009 08:26:45 +0200 Subject: [Enigmail] About Supprting BCCed Recipients In-Reply-To: <4A0B352E.6000801@sixdemonbag.org> References: <4A09933F.3080807@mozilla-enigmail.org> <4A099ADE.4010407@l33tmyst.com> <4A09A1A6.8020007@mozilla-enigmail.org> <4A09AAC4.7070708@fifthhorseman.net> <4A0B2014.3020906@mozilla-enigmail.org> <4A0B29A7.5080908@fifthhorseman.net> <4A0B321E.1040401@Mozilla-Enigmail.org> <4A0B352E.6000801@sixdemonbag.org> Message-ID: <4A0BB9A5.3020209@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robert J. Hansen wrote: > John Clizbe wrote: >> https://www.mozdev.org/bugs/show_bug.cgi?id=20867 >> Summary:RFE: Pass BCC recip to gpg with --hidden-recipient instead of -r > > Given this RFE has such a large potential impact on users and there is > no consensus for if it should be implemented, I think this RFE needs to > be tagged NOTNOW and work shifted to other things in the RFE queue. > > I do not think this RFE is ripe for implementation. Let's keep > discussing it, sure -- but let's not implement it now. Six months from > now, maybe. I tend to disagree here: currently, Enigmail doesn't allow to send emails to BCC'ed users at all. Thus, any solution that allows to send encrypted emails to BCC'ed users is an improvement; at least as long as the users are informed about the consequences and can decide how to proceed. Even if we only reach a (simple) 80% solution in a 1st step, it's still better than disallowing BCC-emails completely. Thus I think it's still worth doing it. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSgu5oncOpHodsOiwAQjLCwgAsv7LGRVmSLWt2el2gPLEvUyHa3mUQFiU O9BSvfaNfbw8mXrpNwtxhsCKU0Od/MbM3VDqZtRAGHYH99pWbCddQ0svVMjCr46P c41EpoMKJNZwtR40+s1xcMIiJsgOdjPoBHlHlhoPsp4rmuByiaOqLSR6xAFkeD2x Nex6g4skHIoECO8mDI0Wv9LycEEfuNHVygNkrnyqhyFPLp5Zl3PcJ7gJ/nXm96fc oxFgZv2iqlL/mDUw+FSrcukrZQYhz/dSmfeKisaDjtMtOhL1QIeQKjB0kEwWsi2X NMAj5D0S5vfPYS3JEkka7lldM1R4jZRA68P3cnxE2lAiNv3e6q1KNw== =INRZ -----END PGP SIGNATURE----- From Liste at FamilleCollet.com Sat May 23 04:20:19 2009 From: Liste at FamilleCollet.com (Remi Collet) Date: Sat, 23 May 2009 13:20:19 +0200 Subject: [Enigmail] Enigmail on Fedora / RHEL / CentOS Message-ID: <4A17DBF3.6030205@FamilleCollet.com> Hi, Enigmail will be shortly available on RpmFusion repository. http://rpmfusion.org/ Will provides : enigmail 0.95.7 for Fedora 9, 10 and EL 5 (thunderbird 2.0.0.21) enigmail 0.96a (20090521) for Fedora 11 (thunderbird 3.0b2) I will stil provides it on remi repository for "backport" version of thunderbird on older Fedora. During all the tests done, I noticed 0.95.7 run well with TH 2.x and is disabled with TH 3.x : OK. 0.96a run well with TH 3.0b2 ou 3.0b3pre but is not disabled with TH 2.x and it crash... (quite normal I think). Should the minVersion be raised ? Regards From andreas.fenner at thalesgroup.com Sat May 23 07:00:11 2009 From: andreas.fenner at thalesgroup.com (andreas.fenner at thalesgroup.com) Date: Sat, 23 May 2009 16:00:11 +0200 Subject: [Enigmail] Andreas Fenner is out of the office. Message-ID: An HTML attachment was scrubbed... URL: From patrick at mozilla-enigmail.org Sat May 23 07:36:55 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Sat, 23 May 2009 16:36:55 +0200 Subject: [Enigmail] Enigmail on Fedora / RHEL / CentOS In-Reply-To: <4A17DBF3.6030205@FamilleCollet.com> References: <4A17DBF3.6030205@FamilleCollet.com> Message-ID: <4A180A07.4090600@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Remi Collet wrote: > Hi, > > Enigmail will be shortly available on RpmFusion repository. > http://rpmfusion.org/ > > Will provides : > enigmail 0.95.7 for Fedora 9, 10 and EL 5 (thunderbird 2.0.0.21) > enigmail 0.96a (20090521) for Fedora 11 (thunderbird 3.0b2) > > I will stil provides it on remi repository for "backport" version of > thunderbird on older Fedora. > > During all the tests done, I noticed > > 0.95.7 run well with TH 2.x and is disabled with TH 3.x : OK. > > 0.96a run well with TH 3.0b2 ou 3.0b3pre but is not disabled with TH 2.x > and it crash... (quite normal I think). > > Should the minVersion be raised ? Hi Remi That's great news! The minVersion does not need to be raised in general in the source code since the Enigmail trunk can be compiled for TB2 and TB3. However, if you have a binary for TB3, then it will crash on TB2 and vice versa. Thus, if you have a compiled (binary) version of Enigmail, you might want to adjust the minVersion and maxVersion (and the supported applications and supported platforms) according to your needs. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBShgKBncOpHodsOiwAQh3rQf/SnRW0grY+NIKYlRvkpy4zwXusfO6mZGn ogceQNOVzRAwRCyyxMNAuHX6fKJkb1MueLYDiBue6fdDhyv5DYHgQwVwbuoa1kdQ isn+MNApYwd912Ahmjk2zzmvPSoRd9U5ZXf+iP01piw2U6yP6mEHdyqwCN7MZpK7 UImKTEk/LqcHhcB8F6K4D5H3mquzrQvmr0HqMgnZDTW+JDi0VZwnvs6Y9SSf9dA2 vN2qt3D6dViOCEyUIju6WUeXv1WQI7rpR8xin0/w564dmHdCqX1YzSH65n9Hfly2 GfFblii6bVbbb02CnIr6t6jbap6yscGr6iqWUGw4z8n+RzudmEsF3w== =7EPJ -----END PGP SIGNATURE----- From matt.hickford at gmail.com Thu May 21 08:36:59 2009 From: matt.hickford at gmail.com (Matt Hickford) Date: Thu, 21 May 2009 16:36:59 +0100 Subject: [Enigmail] Enigmail for Thunderbird 3 on 64 bit Linux Message-ID: <4A15751B.7090407@gmail.com> Hi Has anyone built an Enigmail nightly (compatible with Thunderbird 3) for 64 bit Linux? At present on the downloads page, builds for 64 bit Linux and Thunderbird 3 are mutually exclusive. I wish to use Enigmail on Fedora 11, which ships with Thunderbird 3 beta. If no-one has a build, I shall myself attempt to compile, if successful I shall post the build here. Matt From b.sullivan83 at gmail.com Mon May 25 09:17:17 2009 From: b.sullivan83 at gmail.com (Brendan Sullivan) Date: Mon, 25 May 2009 12:17:17 -0400 Subject: [Enigmail] Enigmail 'latched' onto invalide gpg key Message-ID: <4A1AC48D.9030307@gmail.com> Hello all, I've recently tried to register a gpg key (first one ever) and at the same time installed enigmail for Thunderbird. I didn't realize enigmail would handle that for me, so at the cmd line I ran: gpg --gen-key and ran through the options and set it up and then : gpg --server keyserver.ubuntu.com --send-keys waited for my confirmation email, and in the mean time, setup enigmail (via the initial wizard) with my new gpg key and associated it with my primary email account. When the confirmation email came I got a surprise. I must have mistyped my ~25 character passphrase twice as I could not unlock the encrypted confirmation email from the keyserver. At this point I didn't know about revocation certificates so I just deleted the key and started over. Registered the new key, updated my new key in enigmail and it /decrypted/ my confirmation email just fine. However when i went to compose an email and send it, I got the following error : gpg command line and output: /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 -t --clearsign -u 0xD9084941 --use-agent gpg: skipped "0xD9084941":secret key not available gpg: [stdin]: clearsign failed: secret key not available Now, the problem is that D9084941 is that 'first key' that I do not have the secret (or public) files for anymore....and no matter what I do I can't get enigmail to use my new current key FOR SENDING email that is setup and registered and works for decrypting mail in Thunderbird. Does anyone have any ideas? Sorry for being so wordy, I'm really confused as to what is not getting configured correctly. If you need any more info please let me know. Thanks -Brendan From hrickards at l33tmyst.com Mon May 25 09:44:23 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Mon, 25 May 2009 17:44:23 +0100 Subject: [Enigmail] Test encrypted email Message-ID: <4A1ACAE7.7060306@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Please could someone send me a test encrypted email encrypted to GPG Key ID 646ED06A, so I can test whether I've got everything setup correctly. If needed, my public key's at http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x646ED06A. Thanks - -- Many thanks Harry Rickards (GPG Key ID:646ED06A) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkoayuYACgkQ1kZz3mRu0Gpq3wCgq7l5R1oNBceaSZKiC03elNcu zikAn3XNDAYgdoNF3kPaxox18ENOcpcW =T7LK -----END PGP SIGNATURE----- From hrickards at l33tmyst.com Mon May 25 09:54:55 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Mon, 25 May 2009 17:54:55 +0100 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1ACC70.5050104@rainydayz.org> References: <4A1ACAE7.7060306@l33tmyst.com> <4A1ACC70.5050104@rainydayz.org> Message-ID: <4A1ACD5F.4040609@l33tmyst.com> -----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.9 (GNU/Linux) hQIOA4NJ3of74jIGEAf/WxaxsBdKaXVBphWge0ile2J8WsQad6lwybgU/g4dKvOz 59632+JtXdMrZkodhZpBbvFTfI4ajU3QJ1+bqQ2s1ZJMrfft23Gh9WpD0JdEqT08 zfWCAEyQAf9XCxgTvtn0dxQQHTDUe1OolZ3fqiZQDmj/av+6sbroO5xTzQoNfBMp pdOIm/zpWFLUMKjJlfVLV/LzpOSD/zN1dlW+sr7ycEdjk6Qf4gMj64NJZkrrw3xD FL4vgZUgrXrIYhhd5XwdQGgwZlybOmbFsXVCMYFT5xv/VrRSreVjJwvTKpqNTKNR 8KQ5XKYDzPLVfvAKIuaTX0BHUvYyGztlo5AC3/mhPgf8CbEeuiqZj6dJX1ed2PC7 bw6WtHhSZrvLTDB+DFi7OmJxdv93UKO6IpEm1LrRQdQQ8+ycrz3aKNvB1bJvrTUo 6Q+hGLcp4nCe2auBGvc+7iCU8JB37gHFj7VXta6H/sy6XpWCx70OSKp/eownhFS6 /07tUAuNikhBBKUmeiLzXe0kbMoSl/IVEEM7PU/SfakBYBOTUqYy/fRGVL52topM 9h/3sfS6RshuVH3HB9D30GfGaTKjrtP1QWne2b3w0jxu18sPr9pUqQ49JL8xB9Lk AZDf6Xsh+0XWX+rSXaUiTedO8/92TxqcVi8RAaTfqENN0QMa6/OTtbS4arlUYyT1 89LpAR0Gk1fF34ZqW0NLLdaAa7/eT+63cLI5YV0t6RvWtDxlW0vZUs1LVSpcGmRA 0h+/pH5cOPwwtu9y0XLdt62I52toxsQobcNBUsDkovFk5+UDsIhuQlKh/0FZ2SIt csrsXOeqlhv+iL4PRotUQ3MO96FsfyvxegEY+3c/GlYXg8tjDzZWlKCb+be5MkFp qmHbKaLYIEN97hZMujvg4pLfAZLnHKUSKReoYPpyeEImRsvaJzYYRrrT+Nd+Vkcb Nh6B9LgcuAE7OXe/uuuM2HSnK2S23rdhMiV9sj8ENfHdz6E2z6LSrlQInQmIc0mL aNZBJY8JixFq6+AWDB+R5Tya4xHrK1l5B5exP355j//fNXcY3Cb5zkw6Rqc8p51l J33bLQWm8uIerqFnwy02erZgQRv0RphaDN6+6xOJ/KCYw8yEy+9s2PFnA8NoAhqE PLPTb2chT6K1EXNm7xr/RyPY3ot0QIEC53x4TSrtHi24pdJODcNQVDXRtyER5fW6 JkXCBEdOYQg4l/B07VQQ6qK27m2JjdeIpRVtDq8J37hlHcBkEJZJ9UybqRf01+ra gcvJ/qvQ6+06y3z7fFbtfRfnMEuPOH90nAfnWUts6ENa5rCKUw/Ot1U5efAy9ssV 2RoV9lf1JFpcj1663vu1TT2R+g1Pai66Ms2tG2cz6VMz3lwqBjV1V+iNR4yW5ssw V+27rv+Y+u6T6l/IQrNpMBH6ftlF4w8oe/tUyUX3 =HRmC -----END PGP MESSAGE----- To the rest of the list, I was just saying okay. From Liste at FamilleCollet.com Mon May 25 10:15:10 2009 From: Liste at FamilleCollet.com (Remi Collet) Date: Mon, 25 May 2009 19:15:10 +0200 Subject: [Enigmail] Enigmail for Thunderbird 3 on 64 bit Linux In-Reply-To: <4A15751B.7090407@gmail.com> References: <4A15751B.7090407@gmail.com> Message-ID: <4A1AD21E.5060104@FamilleCollet.com> Le 21/05/2009 17:36, Matt Hickford a ?crit : > Hi > > Has anyone built an Enigmail nightly (compatible with Thunderbird 3) for > 64 bit Linux? > > At present on the downloads page, builds for 64 bit Linux and > Thunderbird 3 are mutually exclusive. I wish to use Enigmail on Fedora > 11, which ships with Thunderbird 3 beta. If no-one has a build, I shall > myself attempt to compile, if successful I shall post the build here. thunderbird-enigmail is available on RpmFusion[1][2] So : yum install thunderbird-enigmail + [1] http://rpmfusion.org/ [2] http://download1.rpmfusion.org/free/fedora/development/x86_64/os/repoview/thunderbird-enigmail.html > > Matt > _______________________________________________ > Enigmail mailing list > Enigmail at mozdev.org > https://www.mozdev.org/mailman/listinfo/enigmail > From John at Mozilla-Enigmail.org Mon May 25 10:16:00 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Mon, 25 May 2009 12:16:00 -0500 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1ACAE7.7060306@l33tmyst.com> References: <4A1ACAE7.7060306@l33tmyst.com> Message-ID: <4A1AD250.9090100@Mozilla-Enigmail.org> Harry Rickards wrote: > Please could someone send me a test encrypted email encrypted to GPG Key > ID 646ED06A, so I can test whether I've got everything setup correctly. Believe it or not, the simplest test is to send yourself encrypted email. I've use that technique many times when testing things. > If needed, my public key's at > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x646ED06A. Please Please Please Do NOT use that server. The code is unmaintained and for many new features of RFC 2440 is considered broken. Please use something more recent like pool.sks-keyservers.net. ++++++++++++++ In response to the other message you sent, please do not send encrypted messages to the list -- it makes the nuns at the Scary Devil Monastery[1] attach lead pipe to their rulers. [1] http://catb.org/~esr/jargon/html/S/scary-devil-monastery.html -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From david.owens at Safe-mail.net Mon May 25 10:18:59 2009 From: david.owens at Safe-mail.net (david.owens at Safe-mail.net) Date: Mon, 25 May 2009 13:18:59 -0400 Subject: [Enigmail] test Message-ID: test From John at Mozilla-Enigmail.org Mon May 25 10:26:49 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Mon, 25 May 2009 12:26:49 -0500 Subject: [Enigmail] test In-Reply-To: References: Message-ID: <4A1AD4D9.1030900@Mozilla-Enigmail.org> david.owens at Safe-mail.net wrote: > test What were you testing? -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From hrickards at l33tmyst.com Mon May 25 10:29:23 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Mon, 25 May 2009 18:29:23 +0100 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1AD250.9090100@Mozilla-Enigmail.org> References: <4A1ACAE7.7060306@l33tmyst.com> <4A1AD250.9090100@Mozilla-Enigmail.org> Message-ID: <4A1AD573.6000006@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/25/09 18:16, John Clizbe wrote: > Harry Rickards wrote: >> Please could someone send me a test encrypted email encrypted to GPG Key >> ID 646ED06A, so I can test whether I've got everything setup correctly. > > Believe it or not, the simplest test is to send yourself encrypted > email. I've use that technique many times when testing things. > >> If needed, my public key's at >> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x646ED06A. > > Please Please Please Do NOT use that server. The code is unmaintained > and for many new features of RFC 2440 is considered broken. > > Please use something more recent like pool.sks-keyservers.net. > > ++++++++++++++ > In response to the other message you sent, please do not send encrypted > messages to the list -- it makes the nuns at the Scary Devil > Monastery[1] attach lead pipe to their rulers. > > > [1] http://catb.org/~esr/jargon/html/S/scary-devil-monastery.html > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Enigmail mailing list > Enigmail at mozdev.org > https://www.mozdev.org/mailman/listinfo/enigmail Okay, thanks for the advice. My public key is on pool.sks-keyservers.net as well, I just used pgp.mit.edu off of the top of my head. Is sending signed mail to the list okay? - -- Many thanks Harry Rickards (GPG Key ID:646ED06A) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkoa1XMACgkQ1kZz3mRu0Grz/gCfVoJukKoWBk2RgmWzD37WsPIU vHQAnio29KDdqZiDtTiuNs3yrP8CGwa1 =MZ9T -----END PGP SIGNATURE----- From darylstyrk at gmail.com Mon May 25 10:48:45 2009 From: darylstyrk at gmail.com (Daryl Styrk) Date: Mon, 25 May 2009 13:48:45 -0400 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1AD573.6000006@l33tmyst.com> References: <4A1ACAE7.7060306@l33tmyst.com> <4A1AD250.9090100@Mozilla-Enigmail.org> <4A1AD573.6000006@l33tmyst.com> Message-ID: <20090525174845.GA6436@t61.daryl.homelinux.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, May 25, 2009 at 06:29:23PM +0100, Harry Rickards wrote: > > Okay, thanks for the advice. My public key is on pool.sks-keyservers.net > as well, I just used pgp.mit.edu off of the top of my head. Is sending > signed mail to the list okay? Yes - -- Daryl Styrk Naples, FL USA -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkoa2f0ACgkQ6baBhW8Czrjj3wCfettMLH6hUs+e/IuyY0Sr9Ijm JfUAnRqS5e3NpwaRyPqeRSav4ARio+Hb =XVJu -----END PGP SIGNATURE----- From John at Mozilla-Enigmail.org Mon May 25 11:00:04 2009 From: John at Mozilla-Enigmail.org (John Clizbe) Date: Mon, 25 May 2009 13:00:04 -0500 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1AD573.6000006@l33tmyst.com> References: <4A1ACAE7.7060306@l33tmyst.com> <4A1AD250.9090100@Mozilla-Enigmail.org> <4A1AD573.6000006@l33tmyst.com> Message-ID: <4A1ADCA4.3040600@Mozilla-Enigmail.org> Harry Rickards wrote: > On 05/25/09 18:16, John Clizbe wrote: >> Harry Rickards wrote: > > Okay, thanks for the advice. My public key is on pool.sks-keyservers.net > as well, I just used pgp.mit.edu off of the top of my head. Is sending > signed mail to the list okay? Signed mail is encouraged. Either inline or PGP/MIME. It is nicer if you trim down the quoted part of replies. Re the pgp.mit.edu thingy: pool.sks-keyservers.net remains the more robust solution. That said, if _you_ want to point at a single server, you may, I just ask you think at "single point of failure" beforehand. You may find status on all the presently known SKS keyservers at http://sks-keyservers.net/status/ or http://www.pramberger.at/peter/services/keyserver/network/ . (Don't attach too much emphasis to the number of keys. Keyservers are located around the globe and only run statistics once per day. Having the greatest number keys only means that that given server had its stats run closest to the polling script for the status page running.) -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 678 bytes Desc: OpenPGP digital signature URL: From hrickards at l33tmyst.com Mon May 25 11:04:36 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Mon, 25 May 2009 19:04:36 +0100 Subject: [Enigmail] Test encrypted email In-Reply-To: <4A1ADCA4.3040600@Mozilla-Enigmail.org> References: <4A1ACAE7.7060306@l33tmyst.com> <4A1AD250.9090100@Mozilla-Enigmail.org> <4A1AD573.6000006@l33tmyst.com> <4A1ADCA4.3040600@Mozilla-Enigmail.org> Message-ID: <4A1ADDB4.1090900@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/25/09 19:00, John Clizbe wrote: > Harry Rickards wrote: >> On 05/25/09 18:16, John Clizbe wrote: >>> Harry Rickards wrote: > > >> Okay, thanks for the advice. My public key is on pool.sks-keyservers.net >> as well, I just used pgp.mit.edu off of the top of my head. Is sending >> signed mail to the list okay? ... > Re the pgp.mit.edu thingy: pool.sks-keyservers.net remains the more > robust solution. That said, if _you_ want to point at a single server, > you may, I just ask you think at "single point of failure" beforehand. > > You may find status on all the presently known SKS keyservers at > http://sks-keyservers.net/status/ or > http://www.pramberger.at/peter/services/keyserver/network/ . > > (Don't attach too much emphasis to the number of keys. Keyservers are > located around the globe and only run statistics once per day. Having > the greatest number keys only means that that given server had its stats > run closest to the polling script for the status page running.) > Thanks for the links. I don't actually rely on one single keyserver, but I generally just use either pgp.mit.edu (no more) or pool.sks-keyservers.net when I'm linking to my key. Again, thanks for the tips everyone. - -- Many thanks Harry Rickards (GPG Key ID:646ED06A) - -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y? - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkoa3bQACgkQ1kZz3mRu0GowcACg+U0SlelM5NWj+TAXP+DTNiL3 1TwAmwQ2w7Kv4p/FuQyNDqMZtYFEd3c5 =xEEj -----END PGP SIGNATURE----- From matt.hickford at gmail.com Mon May 25 12:10:08 2009 From: matt.hickford at gmail.com (Matthew Hickford) Date: Mon, 25 May 2009 20:10:08 +0100 Subject: [Enigmail] Enigmail for Thunderbird 3 on 64 bit Linux In-Reply-To: <4A1AD21E.5060104@FamilleCollet.com> References: <4A15751B.7090407@gmail.com> <4A1AD21E.5060104@FamilleCollet.com> Message-ID: <4A1AED10.5000303@gmail.com> Thanks Remi I read your message the day after, I also built enigmail for Fedora 11, I sent a copy of the build to Olav (enigmail dev) Matt From patrick at mozilla-enigmail.org Mon May 25 23:34:56 2009 From: patrick at mozilla-enigmail.org (Patrick Brunschwig) Date: Tue, 26 May 2009 08:34:56 +0200 Subject: [Enigmail] Enigmail 'latched' onto invalide gpg key In-Reply-To: <4A1AC48D.9030307@gmail.com> References: <4A1AC48D.9030307@gmail.com> Message-ID: <4A1B8D90.80207@mozilla-enigmail.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Brendan Sullivan wrote: > Hello all, I've recently tried to register a gpg key (first one ever) > and at the same time installed enigmail for Thunderbird. I didn't > realize enigmail would handle that for me, so at the cmd line I ran: > > gpg --gen-key > > and ran through the options and set it up and then : > > gpg --server keyserver.ubuntu.com --send-keys > > waited for my confirmation email, and in the mean time, setup enigmail > (via the initial wizard) with my new gpg key and associated it with my > primary email account. > > When the confirmation email came I got a surprise. I must have mistyped > my ~25 character passphrase twice as I could not unlock the encrypted > confirmation email from the keyserver. At this point I didn't know about > revocation certificates so I just deleted the key and started over. > Registered the new key, updated my new key in enigmail and it > /decrypted/ my confirmation email just fine. However when i went to > compose an email and send it, I got the following error : > > gpg command line and output: > /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 -t > --clearsign -u 0xD9084941 --use-agent > gpg: skipped "0xD9084941":secret key not available > gpg: [stdin]: clearsign failed: secret key not available > > Now, the problem is that D9084941 is that 'first key' that I do not have > the secret (or public) files for anymore....and no matter what I do I > can't get enigmail to use my new current key FOR SENDING email that is > setup and registered and works for decrypting mail in Thunderbird. > > Does anyone have any ideas? Sorry for being so wordy, I'm really > confused as to what is not getting configured correctly. If you need any > more info please let me know. You should modify your account settings and set your new key explicitly. Menu Edit > Account Settings > OpenPGP Security: activate "Use specific OpenPGP key ID"; then click on the "Select Key button". - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBShuNjncOpHodsOiwAQiQxQf/fqwcu/yMAMoIJbrVI6GjOQJBPEI4d+LZ B0dQNLhAuR4sxMa8D0ATjaYHC/TbMCIpoN6DBNqs7DvuZ489E4Bv6jiIV+4YK+GC tFuciTlcO6G07vA6qgHWdRc7ldWfrMmCDM0UsPQSFhdE/adc+vCsxKFr4GHdhQr5 LHInYGoWPU2hgd2G/dIy3EeOYip7lppuYdEJcxyqOw062AeYaUgFNntUoNvFRTks xfMCOO13Cksj/1CKIVug9BwWzz/0SY4reYyw2wmDn0at6rKMbdYs7drW9gqdo6/W LwAqSzl9oIaveWLpx92LvsEj+V9IcESAkCbU+u9Vb9xLrM1004TrqA== =CdTX -----END PGP SIGNATURE----- From b.sullivan83 at gmail.com Tue May 26 04:21:27 2009 From: b.sullivan83 at gmail.com (Brendan Sullivan) Date: Tue, 26 May 2009 07:21:27 -0400 Subject: [Enigmail] Enigmail 'latched' onto invalide gpg key In-Reply-To: <4A1B8D90.80207@mozilla-enigmail.org> References: <4A1AC48D.9030307@gmail.com> <4A1B8D90.80207@mozilla-enigmail.org> Message-ID: <4A1BD0B7.4070103@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick, That worked perfectly! Thank you for your help. I did not think to check in account settings as Enigmail added it's own menu to Thunderbird. Didn't realize it changed other menus as well. Thanks again, - -Brendan Patrick Brunschwig wrote: > > You should modify your account settings and set your new key explicitly. > Menu Edit > Account Settings > OpenPGP Security: activate "Use specific > OpenPGP key ID"; then click on the "Select Key button". > > -Patrick _______________________________________________ Enigmail mailing list Enigmail at mozdev.org https://www.mozdev.org/mailman/listinfo/enigmail -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkob0KQACgkQLWGn+F0ogsmFaACeLj+MZ0FXGnAc9jyEUM0IeMMa xukAoIkZu/CoZ197AQLsC55YAUm5yu9L =5rAh -----END PGP SIGNATURE----- From elwoodzulu at gmail.com Wed May 27 13:35:37 2009 From: elwoodzulu at gmail.com (mr mark) Date: Wed, 27 May 2009 16:35:37 -0400 Subject: [Enigmail] please remove me Message-ID: <4A1DA419.7010705@gmail.com> thank you From oberon at q.com Wed May 27 13:37:18 2009 From: oberon at q.com (Oberon) Date: Wed, 27 May 2009 15:37:18 -0500 Subject: [Enigmail] please remove me In-Reply-To: <4A1DA419.7010705@gmail.com> References: <4A1DA419.7010705@gmail.com> Message-ID: On 5/27/2009 3:35 PM, mr mark wrote: > thank you > __________ Or, you might choose to just do it yourself. Click on the link below for a simple guide even you can follow. -- No magic is ever truly destructive. For what is destruction, except creation with an agenda? ----------------------------------------------------------- This mail is from The Old Sinner, a.k.a The Beast 333. (Not evil, just a little bit naughty.) This mail is a natural product. Slight variations in grammar and spelling can be expected and in no way diminish the intent of the message. ----------------------------------------------------------- From jmoore3rd at bellsouth.net Wed May 27 14:07:41 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Wed, 27 May 2009 17:07:41 -0400 Subject: [Enigmail] please remove me In-Reply-To: <4A1DA419.7010705@gmail.com> References: <4A1DA419.7010705@gmail.com> Message-ID: <4A1DAB9D.2010505@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 mr mark wrote: > https://www.mozdev.org/mailman/listinfo/enigmail Please Note this Link which appears at the bottom of _every_ Post on this List. All that is required is for You to 'REmove' Yourself the same way that You signed up for this bulletin/List/forum. No one twisted Your arm to make You subscribe and no one will twist it to force You to stay. :-D JOHN ;) Timestamp: Wednesday 27 May 2009, 17:06 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn5021: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKHauaAAoJEBCGy9eAtCsP/KIH/0yM5aXsHyh14yT/Ee5qQxaV wan4uj065nFTwU+iEsRhsNwI9Hs8fbziqCbREZx13eCx4SF0Hb8flnHh1ttqT2pA y5TMVPG0CX5glokl9XZ958cnIADE6O0JYH3G87kAEs67ZKeXbnUXgF9zGNyUgqPA xlyRsm0xrj2foBDcrb+hjNkSY744oEDWE4qZA0O+1Xr19OmuWYRNb4gqPFIjCyAp gPCLZSr2nrlgZ//n3qoVHgcHs/NJ7UtnyfNbUf/pjHC9ECfedqmlSJ88TxYhVutF HBXvxqHWmkln5F4BLFLQt509SYdTvqiJryWch3e4I2GRtCSzK2DS7stYc8odLcA= =uDLd -----END PGP SIGNATURE-----